Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-45447 (GCVE-0-2026-45447)
Vulnerability from cvelistv5 – Published: 2026-06-09 16:03 – Updated: 2026-07-06 12:04
VLAI
EPSS
Title
Heap Use-After-Free in the PKCS7_verify() Function
Summary
Issue summary: A specially crafted PKCS#7 or S/MIME signed message could
trigger a use-after-free during PKCS#7 signature verification.
Impact summary: A use-after-free may result in process crashes, heap
corruption, or potentially remote code execution.
When processing a PKCS#7 or S/MIME signed message, if the SignedData
digestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may
incorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent
use of the BIO by the calling application results in a use-after-free
condition.
In the common case this occurs when the application later calls
BIO_free() on the BIO originally passed to PKCS7_verify(). Depending
on allocator behavior and application-specific BIO usage patterns, this
may result in a crash or other memory corruption. In some application
contexts this may potentially be exploitable for remote code execution.
Applications that process PKCS#7 or S/MIME signed messages using OpenSSL
PKCS#7 APIs may be affected. Applications using the CMS APIs for this
processing are not affected.
The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this
issue, as the affected code is outside the OpenSSL FIPS module boundary.
Severity
8.8 (High)
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
16 references
Impacted products
19 products
| Vendor | Product | Version | |
|---|---|---|---|
| OpenSSL | OpenSSL |
Affected:
4.0.0 , < 4.0.1
(semver)
Affected: 3.6.0 , < 3.6.3 (semver) Affected: 3.5.0 , < 3.5.7 (semver) Affected: 3.4.0 , < 3.4.6 (semver) Affected: 3.0.0 , < 3.0.21 (semver) Affected: 1.1.1 , < 1.1.1zh (custom) Affected: 1.0.2 , < 1.0.2zq (custom) |
|
| Red Hat | Red Hat Enterprise Linux AppStream (v. 10) |
cpe:/o:redhat:enterprise_linux:10.2 |
|
| Red Hat | Red Hat Enterprise Linux AppStream EUS (v.9.6) |
cpe:/a:redhat:rhel_eus:9.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream (v. 9) |
cpe:/a:redhat:enterprise_linux:9::appstream |
|
| Red Hat | Red Hat Enterprise Linux BaseOS (v. 10) |
cpe:/o:redhat:enterprise_linux:10.2 |
|
| Red Hat | Red Hat Enterprise Linux BaseOS (v. 8) |
cpe:/o:redhat:enterprise_linux:8::baseos |
|
| Red Hat | Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6) |
cpe:/o:redhat:rhel_eus_long_life:8.6::baseos |
|
| Red Hat | Red Hat Enterprise Linux BaseOS E4S (v.8.8) |
cpe:/o:redhat:rhel_e4s:8.8::baseos |
|
| Red Hat | Red Hat Enterprise Linux BaseOS TUS (v.8.8) |
cpe:/o:redhat:rhel_tus:8.8::baseos |
|
| Red Hat | Red Hat Enterprise Linux BaseOS (v. 9) |
cpe:/o:redhat:enterprise_linux:9::baseos |
|
| Red Hat | Red Hat Discovery 2 |
cpe:/a:redhat:discovery:2::el9 |
|
| Red Hat | Red Hat Insights proxy 1.5 |
cpe:/a:redhat:insights_proxy:1.5::el9 |
|
| Red Hat | Red Hat Update Infrastructure 5 |
cpe:/a:redhat:rhui:5::el9 |
|
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4 |
cpe:/a:redhat:openshift:4 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
Date Public
2026-06-09 14:00
Credits
Thai Duong (Calif.io in collaboration with Claude and Anthropic Research)
Igor Ustinov
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-45447",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-10T03:59:38.212378Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T13:32:20.413Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:8::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS (v. 8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_e4s:8.8::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_tus:8.8::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:discovery:2::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Discovery 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:insights_proxy:1.5::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Insights proxy 1.5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhui:5::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Update Infrastructure 5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
}
],
"datePublic": "2026-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in OpenSSL. When processing a specially crafted PKCS#7 or S/MIME (Secure/Multipurpose Internet Mail Extensions) signed message, a heap use-after-free vulnerability in the PKCS7_verify() function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an empty ASN.1 SET, leading to incorrect memory deallocation. A remote attacker could exploit this to cause application crashes, memory corruption, or potentially achieve remote code execution."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-825",
"description": "Expired Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-06T12:04:54.450Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-45447"
},
{
"name": "RHBZ#2481898",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481898"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-45447.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25237"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:35869"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25239"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26275"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29197"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34102"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26319"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:25237: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:35869: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:25239: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux BaseOS (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:26275: Red Hat Enterprise Linux BaseOS (v. 8), Red Hat Enterprise Linux BaseOS E4S (v.8.8), Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6), Red Hat Enterprise Linux BaseOS TUS (v.8.8)"
},
{
"lang": "en",
"value": "RHSA-2026:29197: Red Hat Discovery 2"
},
{
"lang": "en",
"value": "RHSA-2026:34102: Red Hat Insights proxy 1.5"
},
{
"lang": "en",
"value": "RHSA-2026:26319: Red Hat Update Infrastructure 5"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-27T14:17:46.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-06-09T00:00:00.000Z",
"value": "Made public."
}
],
"title": "openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"lessThan": "4.0.1",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"lessThan": "3.6.3",
"status": "affected",
"version": "3.6.0",
"versionType": "semver"
},
{
"lessThan": "3.5.7",
"status": "affected",
"version": "3.5.0",
"versionType": "semver"
},
{
"lessThan": "3.4.6",
"status": "affected",
"version": "3.4.0",
"versionType": "semver"
},
{
"lessThan": "3.0.21",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
},
{
"lessThan": "1.1.1zh",
"status": "affected",
"version": "1.1.1",
"versionType": "custom"
},
{
"lessThan": "1.0.2zq",
"status": "affected",
"version": "1.0.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Thai Duong (Calif.io in collaboration with Claude and Anthropic Research)"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Igor Ustinov"
}
],
"datePublic": "2026-06-09T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could\u003cbr\u003etrigger a use-after-free during PKCS#7 signature verification.\u003cbr\u003e\u003cbr\u003eImpact summary: A use-after-free may result in process crashes, heap\u003cbr\u003ecorruption, or potentially remote code execution.\u003cbr\u003e\u003cbr\u003eWhen processing a PKCS#7 or S/MIME signed message, if the SignedData\u003cbr\u003edigestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may\u003cbr\u003eincorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent\u003cbr\u003euse of the BIO by the calling application results in a use-after-free\u003cbr\u003econdition.\u003cbr\u003e\u003cbr\u003eIn the common case this occurs when the application later calls\u003cbr\u003eBIO_free() on the BIO originally passed to PKCS7_verify(). Depending\u003cbr\u003eon allocator behavior and application-specific BIO usage patterns, this\u003cbr\u003emay result in a crash or other memory corruption. In some application\u003cbr\u003econtexts this may potentially be exploitable for remote code execution.\u003cbr\u003e\u003cbr\u003eApplications that process PKCS#7 or S/MIME signed messages using OpenSSL\u003cbr\u003ePKCS#7 APIs may be affected. Applications using the CMS APIs for this\u003cbr\u003eprocessing are not affected.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\u003cbr\u003eissue, as the affected code is outside the OpenSSL FIPS module boundary."
}
],
"value": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could\ntrigger a use-after-free during PKCS#7 signature verification.\n\nImpact summary: A use-after-free may result in process crashes, heap\ncorruption, or potentially remote code execution.\n\nWhen processing a PKCS#7 or S/MIME signed message, if the SignedData\ndigestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may\nincorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent\nuse of the BIO by the calling application results in a use-after-free\ncondition.\n\nIn the common case this occurs when the application later calls\nBIO_free() on the BIO originally passed to PKCS7_verify(). Depending\non allocator behavior and application-specific BIO usage patterns, this\nmay result in a crash or other memory corruption. In some application\ncontexts this may potentially be exploitable for remote code execution.\n\nApplications that process PKCS#7 or S/MIME signed messages using OpenSSL\nPKCS#7 APIs may be affected. Applications using the CMS APIs for this\nprocessing are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary."
}
],
"metrics": [
{
"format": "other",
"other": {
"content": {
"text": "High"
},
"type": "https://openssl-library.org/policies/general/security-policy/"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T07:48:15.381Z",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://openssl-library.org/news/secadv/20260609.txt"
},
{
"name": "4.0.1 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/3aad5eb7af4de4ee0633c30a8541a54d9bbde63c"
},
{
"name": "3.6.3 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/c505d7559da5d5f9f2c3913c6883a5562ce7273e"
},
{
"name": "3.5.7 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/7d4a980c62258c5910cc883936e0c8dbab4d75a8"
},
{
"name": "3.4.6 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/a541ae8bfe849a30cc885e8780715c0f488e496c"
},
{
"name": "3.0.21 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/9dfd688ad2290fc5075cacbc9bf0c9a93eefed54"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Heap Use-After-Free in the PKCS7_verify() Function",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2026-45447",
"datePublished": "2026-06-09T16:03:32.914Z",
"dateReserved": "2026-05-12T14:34:06.277Z",
"dateUpdated": "2026-07-06T12:04:54.450Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-45447",
"date": "2026-07-06",
"epss": "0.02719",
"percentile": "0.84242"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-45447\",\"sourceIdentifier\":\"openssl-security@openssl.org\",\"published\":\"2026-06-09T17:17:19.277\",\"lastModified\":\"2026-07-06T13:16:59.400\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Issue summary: A specially crafted PKCS#7 or S/MIME signed message could\\ntrigger a use-after-free during PKCS#7 signature verification.\\n\\nImpact summary: A use-after-free may result in process crashes, heap\\ncorruption, or potentially remote code execution.\\n\\nWhen processing a PKCS#7 or S/MIME signed message, if the SignedData\\ndigestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may\\nincorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent\\nuse of the BIO by the calling application results in a use-after-free\\ncondition.\\n\\nIn the common case this occurs when the application later calls\\nBIO_free() on the BIO originally passed to PKCS7_verify(). Depending\\non allocator behavior and application-specific BIO usage patterns, this\\nmay result in a crash or other memory corruption. In some application\\ncontexts this may potentially be exploitable for remote code execution.\\n\\nApplications that process PKCS#7 or S/MIME signed messages using OpenSSL\\nPKCS#7 APIs may be affected. Applications using the CMS APIs for this\\nprocessing are not affected.\\n\\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\\nissue, as the affected code is outside the OpenSSL FIPS module boundary.\"}],\"affected\":[{\"source\":\"openssl-security@openssl.org\",\"affectedData\":[{\"vendor\":\"OpenSSL\",\"product\":\"OpenSSL\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"4.0.0\",\"lessThan\":\"4.0.1\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.6.0\",\"lessThan\":\"3.6.3\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.5.0\",\"lessThan\":\"3.5.7\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.4.0\",\"lessThan\":\"3.4.6\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.0.0\",\"lessThan\":\"3.0.21\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"1.1.1\",\"lessThan\":\"1.1.1zh\",\"versionType\":\"custom\",\"status\":\"affected\"},{\"version\":\"1.0.2\",\"lessThan\":\"1.0.2zq\",\"versionType\":\"custom\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v.9.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.6::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 9)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:9::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS (v. 8)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:8::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_eus_long_life:8.6::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS E4S (v.8.8)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_e4s:8.8::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS TUS (v.8.8)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_tus:8.8::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS (v. 9)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Discovery 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:discovery:2::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Insights proxy 1.5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:insights_proxy:1.5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Update Infrastructure 5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhui:5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:6\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 7\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 10\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10\"]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-06-10T03:59:38.212378Z\",\"id\":\"CVE-2026-45447\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"total\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"openssl-security@openssl.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-825\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.2\",\"versionEndExcluding\":\"1.0.2zq\",\"matchCriteriaId\":\"F534B804-67B6-49DA-8A86-0FF21E512908\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.1.1\",\"versionEndExcluding\":\"1.1.1zh\",\"matchCriteriaId\":\"43EFE1E3-4049-4EE6-A2AE-BDBA38E6870F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndExcluding\":\"3.0.21\",\"matchCriteriaId\":\"EDB88756-EDFE-4886-A267-3F19342A6042\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.4.0\",\"versionEndExcluding\":\"3.4.6\",\"matchCriteriaId\":\"BF7E21E7-AEC0-4882-B1F1-2D056B506F22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.5.0\",\"versionEndExcluding\":\"3.5.7\",\"matchCriteriaId\":\"6B6B9930-C549-4D88-9784-AF32CCDDB87A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.6.0\",\"versionEndExcluding\":\"3.6.3\",\"matchCriteriaId\":\"D41B3C45-EC73-4DC8-989D-B2E2792E102F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:4.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E881B9A-1A0A-4BC0-8160-20C00561167D\"}]}]}],\"references\":[{\"url\":\"https://github.com/openssl/openssl/commit/3aad5eb7af4de4ee0633c30a8541a54d9bbde63c\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/openssl/openssl/commit/7d4a980c62258c5910cc883936e0c8dbab4d75a8\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/openssl/openssl/commit/9dfd688ad2290fc5075cacbc9bf0c9a93eefed54\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/openssl/openssl/commit/a541ae8bfe849a30cc885e8780715c0f488e496c\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/openssl/openssl/commit/c505d7559da5d5f9f2c3913c6883a5562ce7273e\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://openssl-library.org/news/secadv/20260609.txt\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25237\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25239\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26275\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26319\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:29197\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:34102\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:35869\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-45447\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2481898\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-45447.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream (v. 9)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS (v. 8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_eus_long_life:8.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_e4s:8.8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS E4S (v.8.8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_tus:8.8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS TUS (v.8.8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS (v. 9)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:discovery:2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Discovery 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:insights_proxy:1.5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Insights proxy 1.5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhui:5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Update Infrastructure 5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-05-27T14:17:46.000Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-06-09T00:00:00.000Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:25237: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25239: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux BaseOS (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26275: Red Hat Enterprise Linux BaseOS (v. 8), Red Hat Enterprise Linux BaseOS E4S (v.8.8), Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6), Red Hat Enterprise Linux BaseOS TUS (v.8.8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:29197: Red Hat Discovery 2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:34102: Red Hat Insights proxy 1.5\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26319: Red Hat Update Infrastructure 5\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-06-09T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2026-45447\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2481898\", \"name\": \"RHBZ#2481898\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-45447.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25237\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25239\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26275\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:29197\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:34102\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26319\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.\"}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in OpenSSL. When processing a specially crafted PKCS#7 or S/MIME (Secure/Multipurpose Internet Mail Extensions) signed message, a heap use-after-free vulnerability in the PKCS7_verify() function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an empty ASN.1 SET, leading to incorrect memory deallocation. A remote attacker could exploit this to cause application crashes, memory corruption, or potentially achieve remote code execution.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-825\", \"description\": \"Expired Pointer Dereference\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-07-02T12:05:25.879Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-45447\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-10T03:59:38.212378Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-09T18:36:48.165Z\"}}], \"cna\": {\"title\": \"Heap Use-After-Free in the PKCS7_verify() Function\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Thai Duong (Calif.io in collaboration with Claude and Anthropic Research)\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"value\": \"Igor Ustinov\"}], \"metrics\": [{\"other\": {\"type\": \"https://openssl-library.org/policies/general/security-policy/\", \"content\": {\"text\": \"High\"}}, \"format\": \"other\"}], \"affected\": [{\"vendor\": \"OpenSSL\", \"product\": \"OpenSSL\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.0.0\", \"lessThan\": \"4.0.1\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.6.0\", \"lessThan\": \"3.6.3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.5.0\", \"lessThan\": \"3.5.7\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.4.0\", \"lessThan\": \"3.4.6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.0.0\", \"lessThan\": \"3.0.21\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.1.1\", \"lessThan\": \"1.1.1zh\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.0.2\", \"lessThan\": \"1.0.2zq\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2026-06-09T14:00:00.000Z\", \"references\": [{\"url\": \"https://openssl-library.org/news/secadv/20260609.txt\", \"name\": \"OpenSSL Advisory\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/3aad5eb7af4de4ee0633c30a8541a54d9bbde63c\", \"name\": \"4.0.1 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/c505d7559da5d5f9f2c3913c6883a5562ce7273e\", \"name\": \"3.6.3 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/7d4a980c62258c5910cc883936e0c8dbab4d75a8\", \"name\": \"3.5.7 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/a541ae8bfe849a30cc885e8780715c0f488e496c\", \"name\": \"3.4.6 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/9dfd688ad2290fc5075cacbc9bf0c9a93eefed54\", \"name\": \"3.0.21 git commit\", \"tags\": [\"patch\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Issue summary: A specially crafted PKCS#7 or S/MIME signed message could\\ntrigger a use-after-free during PKCS#7 signature verification.\\n\\nImpact summary: A use-after-free may result in process crashes, heap\\ncorruption, or potentially remote code execution.\\n\\nWhen processing a PKCS#7 or S/MIME signed message, if the SignedData\\ndigestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may\\nincorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent\\nuse of the BIO by the calling application results in a use-after-free\\ncondition.\\n\\nIn the common case this occurs when the application later calls\\nBIO_free() on the BIO originally passed to PKCS7_verify(). Depending\\non allocator behavior and application-specific BIO usage patterns, this\\nmay result in a crash or other memory corruption. In some application\\ncontexts this may potentially be exploitable for remote code execution.\\n\\nApplications that process PKCS#7 or S/MIME signed messages using OpenSSL\\nPKCS#7 APIs may be affected. Applications using the CMS APIs for this\\nprocessing are not affected.\\n\\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\\nissue, as the affected code is outside the OpenSSL FIPS module boundary.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Issue summary: A specially crafted PKCS#7 or S/MIME signed message could\u003cbr\u003etrigger a use-after-free during PKCS#7 signature verification.\u003cbr\u003e\u003cbr\u003eImpact summary: A use-after-free may result in process crashes, heap\u003cbr\u003ecorruption, or potentially remote code execution.\u003cbr\u003e\u003cbr\u003eWhen processing a PKCS#7 or S/MIME signed message, if the SignedData\u003cbr\u003edigestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may\u003cbr\u003eincorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent\u003cbr\u003euse of the BIO by the calling application results in a use-after-free\u003cbr\u003econdition.\u003cbr\u003e\u003cbr\u003eIn the common case this occurs when the application later calls\u003cbr\u003eBIO_free() on the BIO originally passed to PKCS7_verify(). Depending\u003cbr\u003eon allocator behavior and application-specific BIO usage patterns, this\u003cbr\u003emay result in a crash or other memory corruption. In some application\u003cbr\u003econtexts this may potentially be exploitable for remote code execution.\u003cbr\u003e\u003cbr\u003eApplications that process PKCS#7 or S/MIME signed messages using OpenSSL\u003cbr\u003ePKCS#7 APIs may be affected. Applications using the CMS APIs for this\u003cbr\u003eprocessing are not affected.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\u003cbr\u003eissue, as the affected code is outside the OpenSSL FIPS module boundary.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416 Use After Free\"}]}], \"providerMetadata\": {\"orgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"shortName\": \"openssl\", \"dateUpdated\": \"2026-06-10T07:48:15.381Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-45447\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-02T12:05:25.879Z\", \"dateReserved\": \"2026-05-12T14:34:06.277Z\", \"assignerOrgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"datePublished\": \"2026-06-09T16:03:32.914Z\", \"assignerShortName\": \"openssl\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SUSE-SU-2026:22143-1
Vulnerability from csaf_suse - Published: 2026-06-11 12:51 - Updated: 2026-06-11 12:51Summary
Security update for openssl-3-livepatches
Severity
Important
Notes
Title of the patch: Security update for openssl-3-livepatches
Description of the patch: This update for openssl-3-livepatches fixes the following issues
- CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS#12 MAC verification (bsc#1256878).
- CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing (bsc#1256876).
- CVE-2025-15468: NULL dereference in SSL_CIPHER_find() function on unknown cipher ID (bsc#1256880).
- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266389, bsc#1266357).
Patchnames: SUSE-SLE-Micro-6.1-575
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
9.8 (Critical)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
7.5 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
25 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-3-livepatches",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-3-livepatches fixes the following issues\n\n- CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS#12 MAC verification (bsc#1256878).\n- CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing (bsc#1256876).\n- CVE-2025-15468: NULL dereference in SSL_CIPHER_find() function on unknown cipher ID (bsc#1256880).\n- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266389, bsc#1266357).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-575",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22143-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:22143-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622143-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:22143-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047397.html"
},
{
"category": "self",
"summary": "SUSE Bug 1256876",
"url": "https://bugzilla.suse.com/1256876"
},
{
"category": "self",
"summary": "SUSE Bug 1256878",
"url": "https://bugzilla.suse.com/1256878"
},
{
"category": "self",
"summary": "SUSE Bug 1256880",
"url": "https://bugzilla.suse.com/1256880"
},
{
"category": "self",
"summary": "SUSE Bug 1266357",
"url": "https://bugzilla.suse.com/1266357"
},
{
"category": "self",
"summary": "SUSE Bug 1266389",
"url": "https://bugzilla.suse.com/1266389"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-11187 page",
"url": "https://www.suse.com/security/cve/CVE-2025-11187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-15467 page",
"url": "https://www.suse.com/security/cve/CVE-2025-15467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-15468 page",
"url": "https://www.suse.com/security/cve/CVE-2025-15468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45447 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45447/"
}
],
"title": "Security update for openssl-3-livepatches",
"tracking": {
"current_release_date": "2026-06-11T12:51:17Z",
"generator": {
"date": "2026-06-11T12:51:17Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:22143-1",
"initial_release_date": "2026-06-11T12:51:17Z",
"revision_history": [
{
"date": "2026-06-11T12:51:17Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64",
"product": {
"name": "openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64",
"product_id": "openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64"
},
"product_reference": "openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-11187"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: PBMAC1 parameters in PKCS#12 files are missing validation\nwhich can trigger a stack-based buffer overflow, invalid pointer or NULL\npointer dereference during MAC verification.\n\nImpact summary: The stack buffer overflow or NULL pointer dereference may\ncause a crash leading to Denial of Service for an application that parses\nuntrusted PKCS#12 files. The buffer overflow may also potentially enable\ncode execution depending on platform mitigations.\n\nWhen verifying a PKCS#12 file that uses PBMAC1 for the MAC, the PBKDF2\nsalt and keylength parameters from the file are used without validation.\nIf the value of keylength exceeds the size of the fixed stack buffer used\nfor the derived key (64 bytes), the key derivation will overflow the buffer.\nThe overflow length is attacker-controlled. Also, if the salt parameter is\nnot an OCTET STRING type this can lead to invalid or NULL pointer\ndereference.\n\nExploiting this issue requires a user or application to process\na maliciously crafted PKCS#12 file. It is uncommon to accept untrusted\nPKCS#12 files in applications as they are usually used to store private\nkeys which are trusted by definition. For this reason the issue was assessed\nas Moderate severity.\n\nThe FIPS modules in 3.6, 3.5 and 3.4 are not affected by this issue, as\nPKCS#12 processing is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5 and 3.4 are vulnerable to this issue.\n\nOpenSSL 3.3, 3.0, 1.1.1 and 1.0.2 are not affected by this issue as they do\nnot support PBMAC1 in PKCS#12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-11187",
"url": "https://www.suse.com/security/cve/CVE-2025-11187"
},
{
"category": "external",
"summary": "SUSE Bug 1256829 for CVE-2025-11187",
"url": "https://bugzilla.suse.com/1256829"
},
{
"category": "external",
"summary": "SUSE Bug 1256878 for CVE-2025-11187",
"url": "https://bugzilla.suse.com/1256878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-11T12:51:17Z",
"details": "important"
}
],
"title": "CVE-2025-11187"
},
{
"cve": "CVE-2025-15467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-15467"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with\nmaliciously crafted AEAD parameters can trigger a stack buffer overflow.\n\nImpact summary: A stack buffer overflow may lead to a crash, causing Denial\nof Service, or potentially remote code execution.\n\nWhen parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as\nAES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is\ncopied into a fixed-size stack buffer without verifying that its length fits\nthe destination. An attacker can supply a crafted CMS message with an\noversized IV, causing a stack-based out-of-bounds write before any\nauthentication or tag verification occurs.\n\nApplications and services that parse untrusted CMS or PKCS#7 content using\nAEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable.\nBecause the overflow occurs prior to authentication, no valid key material\nis required to trigger it. While exploitability to remote code execution\ndepends on platform and toolchain mitigations, the stack-based write\nprimitive represents a severe risk.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue.\n\nOpenSSL 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-15467",
"url": "https://www.suse.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "SUSE Bug 1256830 for CVE-2025-15467",
"url": "https://bugzilla.suse.com/1256830"
},
{
"category": "external",
"summary": "SUSE Bug 1256876 for CVE-2025-15467",
"url": "https://bugzilla.suse.com/1256876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-11T12:51:17Z",
"details": "critical"
}
],
"title": "CVE-2025-15467"
},
{
"cve": "CVE-2025-15468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-15468"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: If an application using the SSL_CIPHER_find() function in\na QUIC protocol client or server receives an unknown cipher suite from\nthe peer, a NULL dereference occurs.\n\nImpact summary: A NULL pointer dereference leads to abnormal termination of\nthe running process causing Denial of Service.\n\nSome applications call SSL_CIPHER_find() from the client_hello_cb callback\non the cipher ID received from the peer. If this is done with an SSL object\nimplementing the QUIC protocol, NULL pointer dereference will happen if\nthe examined cipher ID is unknown or unsupported.\n\nAs it is not very common to call this function in applications using the QUIC \nprotocol and the worst outcome is Denial of Service, the issue was assessed\nas Low severity.\n\nThe vulnerable code was introduced in the 3.2 version with the addition\nof the QUIC protocol support.\n\nThe FIPS modules in 3.6, 3.5, 3.4 and 3.3 are not affected by this issue,\nas the QUIC implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4 and 3.3 are vulnerable to this issue.\n\nOpenSSL 3.0, 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-15468",
"url": "https://www.suse.com/security/cve/CVE-2025-15468"
},
{
"category": "external",
"summary": "SUSE Bug 1256831 for CVE-2025-15468",
"url": "https://bugzilla.suse.com/1256831"
},
{
"category": "external",
"summary": "SUSE Bug 1256880 for CVE-2025-15468",
"url": "https://bugzilla.suse.com/1256880"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-11T12:51:17Z",
"details": "important"
}
],
"title": "CVE-2025-15468"
},
{
"cve": "CVE-2026-45447",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45447"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could\ntrigger a use-after-free during PKCS#7 signature verification.\n\nImpact summary: A use-after-free may result in process crashes, heap\ncorruption, or potentially remote code execution.\n\nWhen processing a PKCS#7 or S/MIME signed message, if the SignedData\ndigestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may\nincorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent\nuse of the BIO by the calling application results in a use-after-free\ncondition.\n\nIn the common case this occurs when the application later calls\nBIO_free() on the BIO originally passed to PKCS7_verify(). Depending\non allocator behavior and application-specific BIO usage patterns, this\nmay result in a crash or other memory corruption. In some application\ncontexts this may potentially be exploitable for remote code execution.\n\nApplications that process PKCS#7 or S/MIME signed messages using OpenSSL\nPKCS#7 APIs may be affected. Applications using the CMS APIs for this\nprocessing are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45447",
"url": "https://www.suse.com/security/cve/CVE-2026-45447"
},
{
"category": "external",
"summary": "SUSE Bug 1266357 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1266357"
},
{
"category": "external",
"summary": "SUSE Bug 1266389 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1266389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:openssl-3-livepatches-0.4-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-11T12:51:17Z",
"details": "important"
}
],
"title": "CVE-2026-45447"
}
]
}
SUSE-SU-2026:22251-1
Vulnerability from csaf_suse - Published: 2026-06-22 12:23 - Updated: 2026-06-22 12:23Summary
Security update for openssl-3
Severity
Important
Notes
Title of the patch: Security update for openssl-3
Description of the patch: This update for openssl-3 fixes the following issues
- CVE-2026-2673: TLS 1.3 servers may choose unexpected key agreement group (bsc#1259652).
- CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion (bsc#1266340).
- CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption (bsc#1266341).
- CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing (bsc#1266342).
- CVE-2026-34182: CMS AuthEnvelopedData Processing May Accept Forged Messages (bsc#1266344).
- CVE-2026-34183: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler (bsc#1266345).
- CVE-2026-42764: NULL pointer dereference in QUIC server initial packet handling (bsc#1266347).
- CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption (bsc#1266349).
- CVE-2026-42767: NULL Pointer Dereference in CRMF EncryptedValue Decryption (bsc#1266350).
- CVE-2026-42768: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() (bsc#1266351).
- CVE-2026-42769: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate (bsc#1266352).
- CVE-2026-42770: FFC-DH Peer Validation Uses Attacker-Supplied q (bsc#1266353).
- CVE-2026-45445: AES-OCB IV Ignored on EVP_Cipher() Path (bsc#1266355).
- CVE-2026-45446: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (bsc#1266356).
- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).
Patchnames: SUSE-SL-Micro-6.2-1017
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.2 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
67 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-3",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-3 fixes the following issues\n\n- CVE-2026-2673: TLS 1.3 servers may choose unexpected key agreement group (bsc#1259652).\n- CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion (bsc#1266340).\n- CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption (bsc#1266341).\n- CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing (bsc#1266342).\n- CVE-2026-34182: CMS AuthEnvelopedData Processing May Accept Forged Messages (bsc#1266344).\n- CVE-2026-34183: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler (bsc#1266345).\n- CVE-2026-42764: NULL pointer dereference in QUIC server initial packet handling (bsc#1266347).\n- CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption (bsc#1266349).\n- CVE-2026-42767: NULL Pointer Dereference in CRMF EncryptedValue Decryption (bsc#1266350).\n- CVE-2026-42768: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() (bsc#1266351).\n- CVE-2026-42769: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate (bsc#1266352).\n- CVE-2026-42770: FFC-DH Peer Validation Uses Attacker-Supplied q (bsc#1266353).\n- CVE-2026-45445: AES-OCB IV Ignored on EVP_Cipher() Path (bsc#1266355).\n- CVE-2026-45446: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (bsc#1266356).\n- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-1017",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22251-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:22251-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622251-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:22251-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047707.html"
},
{
"category": "self",
"summary": "SUSE Bug 1259652",
"url": "https://bugzilla.suse.com/1259652"
},
{
"category": "self",
"summary": "SUSE Bug 1266340",
"url": "https://bugzilla.suse.com/1266340"
},
{
"category": "self",
"summary": "SUSE Bug 1266341",
"url": "https://bugzilla.suse.com/1266341"
},
{
"category": "self",
"summary": "SUSE Bug 1266342",
"url": "https://bugzilla.suse.com/1266342"
},
{
"category": "self",
"summary": "SUSE Bug 1266344",
"url": "https://bugzilla.suse.com/1266344"
},
{
"category": "self",
"summary": "SUSE Bug 1266345",
"url": "https://bugzilla.suse.com/1266345"
},
{
"category": "self",
"summary": "SUSE Bug 1266347",
"url": "https://bugzilla.suse.com/1266347"
},
{
"category": "self",
"summary": "SUSE Bug 1266349",
"url": "https://bugzilla.suse.com/1266349"
},
{
"category": "self",
"summary": "SUSE Bug 1266350",
"url": "https://bugzilla.suse.com/1266350"
},
{
"category": "self",
"summary": "SUSE Bug 1266351",
"url": "https://bugzilla.suse.com/1266351"
},
{
"category": "self",
"summary": "SUSE Bug 1266352",
"url": "https://bugzilla.suse.com/1266352"
},
{
"category": "self",
"summary": "SUSE Bug 1266353",
"url": "https://bugzilla.suse.com/1266353"
},
{
"category": "self",
"summary": "SUSE Bug 1266355",
"url": "https://bugzilla.suse.com/1266355"
},
{
"category": "self",
"summary": "SUSE Bug 1266356",
"url": "https://bugzilla.suse.com/1266356"
},
{
"category": "self",
"summary": "SUSE Bug 1266357",
"url": "https://bugzilla.suse.com/1266357"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-2673 page",
"url": "https://www.suse.com/security/cve/CVE-2026-2673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34180 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34182 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34183 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42764 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42766 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42767 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42768 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42769 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42770 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45445 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45446 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45447 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45447/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-7383 page",
"url": "https://www.suse.com/security/cve/CVE-2026-7383/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-9076 page",
"url": "https://www.suse.com/security/cve/CVE-2026-9076/"
}
],
"title": "Security update for openssl-3",
"tracking": {
"current_release_date": "2026-06-22T12:23:46Z",
"generator": {
"date": "2026-06-22T12:23:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:22251-1",
"initial_release_date": "2026-06-22T12:23:46Z",
"revision_history": [
{
"date": "2026-06-22T12:23:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"product": {
"name": "libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"product_id": "libopenssl-3-devel-3.5.0-160000.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"product": {
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"product_id": "libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.5.0-160000.8.1.aarch64",
"product": {
"name": "libopenssl3-3.5.0-160000.8.1.aarch64",
"product_id": "libopenssl3-3.5.0-160000.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.5.0-160000.8.1.aarch64",
"product": {
"name": "openssl-3-3.5.0-160000.8.1.aarch64",
"product_id": "openssl-3-3.5.0-160000.8.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"product": {
"name": "libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"product_id": "libopenssl-3-devel-3.5.0-160000.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"product": {
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"product_id": "libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.5.0-160000.8.1.ppc64le",
"product": {
"name": "libopenssl3-3.5.0-160000.8.1.ppc64le",
"product_id": "libopenssl3-3.5.0-160000.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-3-3.5.0-160000.8.1.ppc64le",
"product": {
"name": "openssl-3-3.5.0-160000.8.1.ppc64le",
"product_id": "openssl-3-3.5.0-160000.8.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"product": {
"name": "libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"product_id": "libopenssl-3-devel-3.5.0-160000.8.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"product": {
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"product_id": "libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.5.0-160000.8.1.s390x",
"product": {
"name": "libopenssl3-3.5.0-160000.8.1.s390x",
"product_id": "libopenssl3-3.5.0-160000.8.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-3-3.5.0-160000.8.1.s390x",
"product": {
"name": "openssl-3-3.5.0-160000.8.1.s390x",
"product_id": "openssl-3-3.5.0-160000.8.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"product": {
"name": "libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"product_id": "libopenssl-3-devel-3.5.0-160000.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"product": {
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"product_id": "libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.5.0-160000.8.1.x86_64",
"product": {
"name": "libopenssl3-3.5.0-160000.8.1.x86_64",
"product_id": "libopenssl3-3.5.0-160000.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.5.0-160000.8.1.x86_64",
"product": {
"name": "openssl-3-3.5.0-160000.8.1.x86_64",
"product_id": "openssl-3-3.5.0-160000.8.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.5.0-160000.8.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.5.0-160000.8.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.5.0-160000.8.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x"
},
"product_reference": "libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.5.0-160000.8.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64"
},
"product_reference": "libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le"
},
"product_reference": "libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x"
},
"product_reference": "libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64"
},
"product_reference": "libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.5.0-160000.8.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64"
},
"product_reference": "libopenssl3-3.5.0-160000.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.5.0-160000.8.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le"
},
"product_reference": "libopenssl3-3.5.0-160000.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.5.0-160000.8.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x"
},
"product_reference": "libopenssl3-3.5.0-160000.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.5.0-160000.8.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64"
},
"product_reference": "libopenssl3-3.5.0-160000.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.5.0-160000.8.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64"
},
"product_reference": "openssl-3-3.5.0-160000.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.5.0-160000.8.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le"
},
"product_reference": "openssl-3-3.5.0-160000.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.5.0-160000.8.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x"
},
"product_reference": "openssl-3-3.5.0-160000.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.5.0-160000.8.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
},
"product_reference": "openssl-3-3.5.0-160000.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-2673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-2673"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected\npreferred key exchange group when its key exchange group configuration includes\nthe default by using the \u0027DEFAULT\u0027 keyword.\n\nImpact summary: A less preferred key exchange may be used even when a more\npreferred group is supported by both client and server, if the group\nwas not included among the client\u0027s initial predicated keyshares.\nThis will sometimes be the case with the new hybrid post-quantum groups,\nif the client chooses to defer their use until specifically requested by\nthe server.\n\nIf an OpenSSL TLS 1.3 server\u0027s configuration uses the \u0027DEFAULT\u0027 keyword to\ninterpolate the built-in default group list into its own configuration, perhaps\nadding or removing specific elements, then an implementation defect causes the\n\u0027DEFAULT\u0027 list to lose its \u0027tuple\u0027 structure, and all server-supported groups\nwere treated as a single sufficiently secure \u0027tuple\u0027, with the server not\nsending a Hello Retry Request (HRR) even when a group in a more preferred tuple\nwas mutually supported.\n\nAs a result, the client and server might fail to negotiate a mutually supported\npost-quantum key agreement group, such as \u0027X25519MLKEM768\u0027, if the client\u0027s\nconfiguration results in only \u0027classical\u0027 groups (such as \u0027X25519\u0027 being the\nonly ones in the client\u0027s initial keyshare prediction).\n\nOpenSSL 3.5 and later support a new syntax for selecting the most preferred TLS\n1.3 key agreement group on TLS servers. The old syntax had a single \u0027flat\u0027\nlist of groups, and treated all the supported groups as sufficiently secure.\nIf any of the keyshares predicted by the client were supported by the server\nthe most preferred among these was selected, even if other groups supported by\nthe client, but not included in the list of predicted keyshares would have been\nmore preferred, if included.\n\nThe new syntax partitions the groups into distinct \u0027tuples\u0027 of roughly\nequivalent security. Within each tuple the most preferred group included among\nthe client\u0027s predicted keyshares is chosen, but if the client supports a group\nfrom a more preferred tuple, but did not predict any corresponding keyshares,\nthe server will ask the client to retry the ClientHello (by issuing a Hello\nRetry Request or HRR) with the most preferred mutually supported group.\n\nThe above works as expected when the server\u0027s configuration uses the built-in\ndefault group list, or explicitly defines its own list by directly defining the\nvarious desired groups and group \u0027tuples\u0027.\n\nNo OpenSSL FIPS modules are affected by this issue, the code in question lies\noutside the FIPS boundary.\n\nOpenSSL 3.6 and 3.5 are vulnerable to this issue.\n\nOpenSSL 3.6 users should upgrade to OpenSSL 3.6.2 once it is released.\nOpenSSL 3.5 users should upgrade to OpenSSL 3.5.6 once it is released.\n\nOpenSSL 3.4, 3.3, 3.0, 1.0.2 and 1.1.1 are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-2673",
"url": "https://www.suse.com/security/cve/CVE-2026-2673"
},
{
"category": "external",
"summary": "SUSE Bug 1259652 for CVE-2026-2673",
"url": "https://bugzilla.suse.com/1259652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-2673"
},
{
"cve": "CVE-2026-34180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34180"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive\nelement whose content exceeds 2 gigabytes in length may cause a heap buffer\nover-read on 64-bit Unix and Unix-like platforms.\n\nImpact summary: The heap buffer over-read may crash the application (Denial of\nService) or to load into the decoded ASN.1 object contents of memory beyond the\nend of the input buffer. More typically such ASN.1 elements would instead be\ntruncated.\n\nAn integer truncation in OpenSSL\u0027s ASN.1 decoder causes the content length of\nan ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the\nworst case the truncated length is treated as a request to scan the binary\ncontent for a terminating zero byte, possibly causing OpenSSL to read either\nless than or beyond the end of the allocated buffer.\n\nApplications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or\nany other d2i_* decoding function are affected. OpenSSL\u0027s own command-line\ntools are not vulnerable, as data read through the BIO layer is checked before\nit reaches the affected code. The issue only affects 64-bit Unix and Unix-like\nplatforms; 32-bit platforms and 64-bit Windows are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue,\nas the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34180",
"url": "https://www.suse.com/security/cve/CVE-2026-34180"
},
{
"category": "external",
"summary": "SUSE Bug 1266342 for CVE-2026-34180",
"url": "https://bugzilla.suse.com/1266342"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-34180"
},
{
"cve": "CVE-2026-34182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34182"
}
],
"notes": [
{
"category": "general",
"text": "Issue Summary: Cryptographic Message Services (CMS) processing fails to perform\nsufficient input validation on the cipher and tag length fields of\nAuthEnvelopedData containers, leading to various potential compromises.\n\nImpact Summary: Attackers making use of these vulnerabilities may achieve\nkey-equivalent functionality for a given CMS recipient and/or bypass integrity\nvalidation for a given message.\n\nIn one use case, an attacker may send a CMS message containing\nAuthEnvelopedData with the cipher specified as a non-AEAD cipher. OpenSSL\nerroneously allows this selection, and attempts to decrypt and validate the\nmessage.\n\nAn on-path attacker who captures one legitimate AES-GCM AuthEnvelopedData\naddressed to the victim can re-emit it with the recipientInfos set left\nbyte-for-byte intact, so the victim\u0027s private key still unwraps the genuine CEK\n(the content-encryption key), but with the inner OID rewritten to AES-256-OFB\n(Output Feedback Mode, an unauthenticated keystream mode) and with an\nattacker-chosen IV and ciphertext. The victim initializes AES-256-OFB under the\nreal CEK, never consults the MAC field, and CMS_decrypt() returns success.\n\nIf the application under attack responds to the attacker with any indicator\nshowing success or failure of the decryption effort, it is possible for the\nattacker to use this as an oracle to obtain key equivalent functionality for the\nCEK used for the chosen recipient of the message.\n\nIn another use case, an attacker can reduce the tag length of the chosen AEAD\ncipher for a given AuthEnvelopedData container to be a single byte long,\nallowing an attacker to brute force CMS decryption, producing an integrity\nbypass for applications that trust CMS_decrypt() to reject modified content.\n\nThe FIPS modules are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34182",
"url": "https://www.suse.com/security/cve/CVE-2026-34182"
},
{
"category": "external",
"summary": "SUSE Bug 1266344 for CVE-2026-34182",
"url": "https://bugzilla.suse.com/1266344"
},
{
"category": "external",
"summary": "SUSE Bug 1269279 for CVE-2026-34182",
"url": "https://bugzilla.suse.com/1269279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-34182"
},
{
"cve": "CVE-2026-34183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34183"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Remote peer may exhaust heap memory of the QUIC\nserver or client by flooding it with packets containing PATH_CHALLENGE\nframes.\n\nImpact summary: A malicious remote peer can cause an unbounded\nmemory allocation which can lead to an abnormal termination of the\napplication acting as a QUIC client or server and a Denial of Service.\n\nA remote peer may exhaust heap memory by flooding the local\nQUIC stack with PATH_CHALLENGE frames. The local QUIC stack\nallocates a PATH_RESPONSE frame for every PATH_CHALLENGE it receives.\nThe allocated PATH_RESPONSE frame gets freed only when the remote\npeer acknowledges reception of the PATH_RESPONSE frame which will\nnot be done by a malicious peer.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by\nthis issue. The QUIC stack is outside of OpenSSL FIPS module\nboundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34183",
"url": "https://www.suse.com/security/cve/CVE-2026-34183"
},
{
"category": "external",
"summary": "SUSE Bug 1266345 for CVE-2026-34183",
"url": "https://bugzilla.suse.com/1266345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-34183"
},
{
"cve": "CVE-2026-42764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42764"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Receiving a QUIC initial packet with an invalid token may\ntrigger a NULL pointer dereference in the OpenSSL QUIC server with\naddress validation disabled.\n\nImpact summary: NULL pointer dereference typically causes abnormal termination\nof the affected QUIC server process and a Denial of Service.\n\nIf the address validation is disabled in the OpenSSL QUIC server\nimplementation, an attacker can crash the server by sending an initial\npacket with an invalid or expired token.\n\nBy default, the client address validation is enabled in the OpenSSL QUIC server\nimplementation, which makes the default configuration not vulnerable\nto this issue. However if the SSL_LISTENER_FLAG_NO_VALIDATE is used with\nthe SSL_new_listener() call, the address validation is disabled making the\nvulnerable code reachable.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42764",
"url": "https://www.suse.com/security/cve/CVE-2026-42764"
},
{
"category": "external",
"summary": "SUSE Bug 1266347 for CVE-2026-42764",
"url": "https://bugzilla.suse.com/1266347"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-42764"
},
{
"cve": "CVE-2026-42766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42766"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A specially crafted password-encrypted CMS message\ncan trigger a NULL pointer dereference during CMS decryption.\n\nImpact summary: This NULL pointer dereference leads to an application crash\nand a Denial of Service.\n\nThe CMS PasswordRecipientInfo.keyDerivationAlgorithm field is defined as\nOPTIONAL in the ASN.1 specification and may therefore be absent in specially\ncrafted inputs. During the password-based CMS decryption the OpenSSL\nCMS implementation dereferences this field without first checking whether it\nwas present.\n\nAn attacker who supplies such a CMS message to an application performing\npassword-based CMS decryption can trigger an application crash, leading to\na Denial of Service.\n\nApplications that process password-encrypted CMS messages may be affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42766",
"url": "https://www.suse.com/security/cve/CVE-2026-42766"
},
{
"category": "external",
"summary": "SUSE Bug 1266349 for CVE-2026-42766",
"url": "https://bugzilla.suse.com/1266349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-42766"
},
{
"cve": "CVE-2026-42767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42767"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: An attacker-controlled CMP (Certificate Management Protocol)\nserver could trigger a NULL pointer dereference in a CMP client application.\n\nImpact summary: A NULL pointer dereference causes a crash of the\napplication and a Denial of Service.\n\nAn attacker controlling a CMP server (or acting as a man-in-the-middle) could\ncraft a CMP response containing a CRMF (Certificate Request Message Format)\nCertRepMessage with an EncryptedValue structure where the symmAlg field\nhas an algorithm OID but no parameters field. When the OpenSSL CMP client\nprocesses this response, the NULL dereference occurs, causing a crash of\nthe CMP client.\n\nApplications that process untrusted CMP/CRMF messages may be affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42767",
"url": "https://www.suse.com/security/cve/CVE-2026-42767"
},
{
"category": "external",
"summary": "SUSE Bug 1266350 for CVE-2026-42767",
"url": "https://bugzilla.suse.com/1266350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-42767"
},
{
"cve": "CVE-2026-42768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42768"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnerable to\nBleichenbacher-style attack when an attacker is able to provide the CMS or\nS/MIME messages and observe the error code and/or decryption output.\n\nImpact summary: The Bleichenbacher-style attack allows an attacker to use the\nvictim\u0027s vulnerable application as a way to decrypt or sign messages with the\nvictim\u0027s private RSA key.\n\nThe attack is possible in 2 variants.\n\n1. The decryption API (CMS_decrypt(), PKCS7_decrypt()) is used without\nproviding the recipient certificate. In this case OpenSSL iterates over every\nKeyTransRecipientInfo (KTRI) without stopping at the first success.\n\nAn attacker who authors a message with two KTRI entries - the first one\nwrapping a real CEK under the victim\u0027s public key, the second with an\narbitrary probe ciphertext - obtains opportunity to iterate the 2nd KTRI to\nget a valid PKCS#1 v1.5 padding if the error code of the application is\navailable.\n\nThat is a Bleichenbacher oracle (Bleichenbacher, CRYPTO \u002798): an\nadaptive-chosen-ciphertext side channel from which the attacker decrypts any\nRSA ciphertext to the victim\u0027s key or forges any PKCS#1 v1.5 signature under\nit.\n\n2. When the decryption API (CMS_decrypt(), PKCS7_decrypt()) is provided with\nthe recipient certificate, and the recipient is not found, a random\nkey is substituted.\n\nAn attacker who authors a message and is able to compare both error code and\nthe result of the decryption, can mount a Bleichenbacher oracle.\n\nWe are not aware of any applications that provide a remote attacker\nan opportunity to mount an attack described in these scenarios. We consider\nthe existence of such application very unlikely, and for this reason this\nCVE has been evaluated as Low severity.\n\nTo avoid these attacks, when RSA PKCS#1 v1.5 Key Transport is in use, the\ninvoked EVP_PKEY_decrypt() will use the implicit rejection mechanism described\nin draft-irtf-cfrg-rsa-guidance. In previous OpenSSL releases the implicit\nrejection was explicitly disabled.\n\nThe implicit rejection mechanism always returns a plaintext value,\nthe symmetric key. This result is deterministic for the ciphertext and the\nprivate key. The length of the decryption result can happen to match the\nlength of the key of the symmetric cipher that was used for the content\nencryption. When a certificate is not provided, the last RecipientInfo\nproducing a key that looks valid will be used. It may cause getting garbage\ncontent on decryption. As a proper way to deal with this a recipient\ncertificate has to be provided to identify the particular RecipientInfo for\ndecryption.\n\nThe FIPS modules in 4.0, 3.6, 3.5, and 3.4 are not affected by this issue, as\nCMS and S/MIME processing happens outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42768",
"url": "https://www.suse.com/security/cve/CVE-2026-42768"
},
{
"category": "external",
"summary": "SUSE Bug 1266351 for CVE-2026-42768",
"url": "https://bugzilla.suse.com/1266351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-42768"
},
{
"cve": "CVE-2026-42769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42769"
}
],
"notes": [
{
"category": "general",
"text": "Issue Summary: An error in the callback used to verify the certificate\nprovided in a Root CA key update Certificate Management Protocol (CMP)\nmessage response rendered the certificate validation ineffectual, which\ncould lead to escalation of credentials from the Registration Authority (RA)\nlevel to the root Certification Authority (root CA) level.\n\nImpact Summary: The Registration Autority could replace the root CA\ncertificate for the CMP clients with an arbitrary root CA certificate.\n\nOne of the parts of the Certificate Management Protocol (CMP), specified in\nRFC 9810, is Root Certification Authority (root CA) key Rollover,\nwhich is sent by the server in a message with type \u0027id-it-rootCaKeyUpdate\u0027.\nAs part of these messages, \u0027newWithOld\u0027 certificate, the new root CA\ncertificate signed with the old root CA key, is provided, and verifying its\nsignature is crucial for transferring the trust from the old CA key to the\nnew one.\n\nThe \u0027id-it-rootCaKeyUpdate\u0027 messages are expected to be processed with\nOSSL_CMP_get1_rootCaKeyUpdate(), that is expected to verify the \u0027newWithOld\u0027\ncertificate. A typo in the certificate chain building code led to adding\nan incorrect certificate (\u0027newWithOld\u0027 instead of \u0027oldRoot\u0027) to the\ncertificate chain, rendering the certificate verification process ineffectual\n(only the issuer name and the algorithm OIDs were verified by other parts\nof the verification code).\n\nAn attacker who already has credentials that satisfy the CMP message\nprotection checks can generate a new key pair and use a crafted self-signed\ncertificate in its \u0027id-it-rootCaKeyUpdate\u0027 CMP messages which affected CMP\nclients would accept as a new trust anchor.\n\nSignificant preconditions for the attack (having valid RA-level credentials)\nare the reason the issue was assigned Low severity.\n\nThe FIPS modules are not affected by this issue, as the affected code is\noutside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42769",
"url": "https://www.suse.com/security/cve/CVE-2026-42769"
},
{
"category": "external",
"summary": "SUSE Bug 1266352 for CVE-2026-42769",
"url": "https://bugzilla.suse.com/1266352"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-42769"
},
{
"cve": "CVE-2026-42770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42770"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42)\npeer key, the peer key is not properly checked for the subgroup membership.\n\nImpact summary: A malicious peer which presents an X9.42 key carrying the\nvictim\u0027s p and g parameters, a forged q = r (a small prime factor of the\ncofactor (p\u22121)/q_local), and a public value Y of order r can recover the\nvictim\u0027s private key after a small number of key exchange attempts.\n\nWhen EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the\nsubgroup membership check Y^q \u2261 1 (mod p) is performed using the peer\u0027s\nown q parameter, not the local key\u0027s q. The peer\u0027s domain parameters are\nthen matched against the domain parameters of the private key, but the value\nof q is not compared.\n\nA malicious peer who presents an X9.42 key carrying the victim\u0027s p, g,\na forged q = r (a small prime factor of the cofactor), and a public\nvalue Y of order r passes all checks. The shared secret then takes only\nr distinct values, leaking priv mod r. Repeating for each small-prime\nfactor of the cofactor and combining via CRT recovers the full private\nkey (Lim-Lee / small-subgroup-confinement attack).\n\nThe realistic attack surface is narrow: principally CMP deployments with\nlong-lived RA/CA DHX keys and bespoke enterprise or government applications\nusing X9.42 DHX static keys with interactive protocols and therefore this\nissue was assigned Low severity.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are affected by this\nissue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42770",
"url": "https://www.suse.com/security/cve/CVE-2026-42770"
},
{
"category": "external",
"summary": "SUSE Bug 1266353 for CVE-2026-42770",
"url": "https://bugzilla.suse.com/1266353"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-42770"
},
{
"cve": "CVE-2026-45445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45445"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: When an application drives an AES-OCB context through the\npublic EVP_Cipher() one-shot interface, the application-supplied\ninitialisation vector (IV) is silently discarded.\n\nImpact summary: Every message encrypted under the same key uses the\nsame effective nonce regardless of the IV supplied by the caller,\nresulting in (key, nonce) reuse and loss of confidentiality. If the\nsame code path is used to compute the authentication tag, the tag\ndepends only on the (key, IV) pair and not on the plaintext or\nciphertext, allowing universal forgery of arbitrary ciphertext from a\nsingle captured message.\n\nOpenSSL provides two ways to drive a cipher: the documented streaming\ninterface (EVP_CipherUpdate / EVP_CipherFinal_ex) and a lower-level\none-shot, EVP_Cipher(), whose documentation explicitly recommends\nagainst use by applications in favour of EVP_CipherUpdate() and\nEVP_CipherFinal_ex(). The OCB provider\u0027s streaming handler flushes\nthe application-supplied IV into the OCB context before processing\ndata; the one-shot handler did not. Every call to EVP_Cipher() on an\nAES-OCB context therefore ran with the all-zero key-derived offset\nstate left by cipher initialisation, regardless of the caller\u0027s IV.\n\nIf EVP_EncryptFinal_ex() is subsequently used to obtain the\nauthentication tag, the deferred IV setup runs at that point and\nclears the running checksum that should have been accumulated over the\nplaintext. The resulting tag is a function of (key, IV) only and\nverifies against any ciphertext produced under the same (key, IV)\npair.\n\nThe OpenSSL SSL/TLS implementation is not affected: AES-OCB is not a\nTLS cipher suite, and libssl does not call EVP_Cipher() in any case.\nApplications that drive AES-OCB through the documented streaming AEAD\nAPI (EVP_CipherUpdate / EVP_CipherFinal_ex) are not affected. Only\napplications that combine the AES-OCB cipher with the EVP_Cipher()\none-shot API are vulnerable.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by\nthis issue, as AES-OCB is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45445",
"url": "https://www.suse.com/security/cve/CVE-2026-45445"
},
{
"category": "external",
"summary": "SUSE Bug 1266355 for CVE-2026-45445",
"url": "https://bugzilla.suse.com/1266355"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-45445"
},
{
"cve": "CVE-2026-45446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45446"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV\n(RFC 8452) mishandle the authentication of AAD (Additional Authenticated\nData) with an empty ciphertext allowing a forgery of such messages.\n\nImpact summary: An attacker can forge empty messages with arbitrary AAD\nto the victim\u0027s application using these ciphers.\n\nAES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) are nonce-misuse-resistant AEAD\nmodes: they accept a key, nonce, optional AAD (bytes that are authenticated\nbut not encrypted), and plaintext, and produces ciphertext plus a 16-byte\ntag. On decrypt, `EVP_DecryptFinal_ex()` is documented to return success only\nif the tag is verified succesfully.\n\nIn OpenSSL\u0027s provider implementation of these ciphers, the expected tag is\ncomputed only when decryption function is invoked with non-empty data.\nIf the caller supplies AAD and then calls `EVP_DecryptFinal_ex()` without\ninvocation of the ciphertext update, which can happen when the received\nciphertext length is zero, the tag is never recalculated and still holds its\nall-zeros value.\n\nWhen AES-GCM-SIV is used, an attacker who sends arbitrary AAD, empty\nciphertext, and all-zeros tag passes authentication under any key they do not\nknow, single-shot. When AES-SIV is used, for mounting the attack it\u0027s\nnecessary for the application to reuse the decryption context without\nresetting the key.\n\nAES-SIV is implemented since OpenSSL 3.0. AES-GCM-SIV is implemented since\nOpenSSL 3.2.\n\nNo protocols implemented in OpenSSL itself (TLS/CMS/PKCS7/HPKE/QUIC) support\neither AES-GCM-SIV or AES-SIV. To mount an attack, the applications must\nimplement their own protocol and use the EVP interface. Also they must skip the\nciphertext update when a message with an empty ciphertext arrives.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as these algorithms are not FIPS approved and the affected code is\noutside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45446",
"url": "https://www.suse.com/security/cve/CVE-2026-45446"
},
{
"category": "external",
"summary": "SUSE Bug 1266356 for CVE-2026-45446",
"url": "https://bugzilla.suse.com/1266356"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-45446"
},
{
"cve": "CVE-2026-45447",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45447"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could\ntrigger a use-after-free during PKCS#7 signature verification.\n\nImpact summary: A use-after-free may result in process crashes, heap\ncorruption, or potentially remote code execution.\n\nWhen processing a PKCS#7 or S/MIME signed message, if the SignedData\ndigestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may\nincorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent\nuse of the BIO by the calling application results in a use-after-free\ncondition.\n\nIn the common case this occurs when the application later calls\nBIO_free() on the BIO originally passed to PKCS7_verify(). Depending\non allocator behavior and application-specific BIO usage patterns, this\nmay result in a crash or other memory corruption. In some application\ncontexts this may potentially be exploitable for remote code execution.\n\nApplications that process PKCS#7 or S/MIME signed messages using OpenSSL\nPKCS#7 APIs may be affected. Applications using the CMS APIs for this\nprocessing are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45447",
"url": "https://www.suse.com/security/cve/CVE-2026-45447"
},
{
"category": "external",
"summary": "SUSE Bug 1266357 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1266357"
},
{
"category": "external",
"summary": "SUSE Bug 1266389 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1266389"
},
{
"category": "external",
"summary": "SUSE Bug 1268888 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1268888"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "important"
}
],
"title": "CVE-2026-45447"
},
{
"cve": "CVE-2026-7383",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-7383"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A signed integer overflow when sizing the destination\nbuffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap\nbuffer overflow.\n\nImpact summary: A heap buffer overflow may lead to a crash or possibly\nattacker controlled code execution or other undefined behaviour.\n\nIn ASN1_mbstring_copy() and ASN1_mbstring_ncopy() the destination\nsize for Unicode output is computed in a signed int: by left shift\nof the input character count for BMPSTRING (UTF-16) and\nUNIVERSALSTRING (UTF-32), and by summing per-character byte counts\nfor UTF8STRING. The calculation overflows when the input reaches\naround 2^30 characters. In the worst case (UNIVERSALSTRING at 2^30\ncharacters) the size wraps to zero, OPENSSL_malloc(1) is called, and\nthe subsequent character copy writes several gigabytes past the\none-byte allocation.\n\nX.509 certificate processing routes through ASN1_STRING_set_by_NID(),\nwhose DIRSTRING_TYPE mask excludes UNIVERSALSTRING and whose per-NID\nsize limits cap the input length; no network protocol or\ncertificate-handling path in OpenSSL exercises the overflow.\nTriggering the bug requires an application that calls\nASN1_mbstring_copy() or ASN1_mbstring_ncopy() directly, or registers\na custom string type via ASN1_STRING_TABLE_add(), with\nattacker-controlled input on the order of half a gigabyte or more.\nFor these reasons this issue was assigned Low severity.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by\nthis issue, as the affected code is outside the OpenSSL FIPS module\nboundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-7383",
"url": "https://www.suse.com/security/cve/CVE-2026-7383"
},
{
"category": "external",
"summary": "SUSE Bug 1266340 for CVE-2026-7383",
"url": "https://bugzilla.suse.com/1266340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-7383"
},
{
"cve": "CVE-2026-9076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-9076"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap)\nprocesses attacker-supplied CMS data, an attacker-chosen stream-mode KEK\ncipher can trigger a heap out-of-bounds read in kek_unwrap_key().\n\nImpact summary: A heap buffer over-read may trigger a crash which leads to\nDenial of Service for an application if the input buffer ends at a memory\npage boundary and the following page is unmapped. There is no information\ndisclosure as the over-read bytes are not revealed to the attacker.\n\nThe key unwrapping function performs a check-byte test as specified in the\nRFC that reads 7 bytes from a heap allocation that is based on the wrapped\nkey length from the message. There is a minimum length check based on the\nblock length of the wrapping cipher. However the cipher is selected from\nan OID carried in the attacker\u0027s PWRI keyEncryptionAlgorithm with no\nrequirement that the cipher be a block cipher. When an attacker selects\na stream-mode cipher the guard will be ineffective and the allocated buffer\ncontaining the unwrapped key can be too small to fit the check-bytes\nspecified in the RFC and a buffer over-read can happen.\n\nApplications calling CMS_decrypt() or CMS_decrypt_set1_password()\n(equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS\ndata are vulnerable to this issue. No password knowledge is required: the\nover-read happens during the unwrap attempt before any authentication\nsucceeds.\n\nThe over-read is limited to a few bytes and is not written to output, so\nthere is no information disclosure. Triggering a crash requires the\nallocation to border unmapped memory, which is unlikely with the normal\nallocator.\n\nThe FIPS modules are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-9076",
"url": "https://www.suse.com/security/cve/CVE-2026-9076"
},
{
"category": "external",
"summary": "SUSE Bug 1266341 for CVE-2026-9076",
"url": "https://bugzilla.suse.com/1266341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Micro 6.2:openssl-3-3.5.0-160000.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-9076"
}
]
}
SUSE-SU-2026:22315-1
Vulnerability from csaf_suse - Published: 2026-06-22 12:23 - Updated: 2026-06-22 12:23Summary
Security update for openssl-3
Severity
Important
Notes
Title of the patch: Security update for openssl-3
Description of the patch: This update for openssl-3 fixes the following issues
- CVE-2026-2673: TLS 1.3 servers may choose unexpected key agreement group (bsc#1259652).
- CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion (bsc#1266340).
- CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption (bsc#1266341).
- CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing (bsc#1266342).
- CVE-2026-34182: CMS AuthEnvelopedData Processing May Accept Forged Messages (bsc#1266344).
- CVE-2026-34183: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler (bsc#1266345).
- CVE-2026-42764: NULL pointer dereference in QUIC server initial packet handling (bsc#1266347).
- CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption (bsc#1266349).
- CVE-2026-42767: NULL Pointer Dereference in CRMF EncryptedValue Decryption (bsc#1266350).
- CVE-2026-42768: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() (bsc#1266351).
- CVE-2026-42769: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate (bsc#1266352).
- CVE-2026-42770: FFC-DH Peer Validation Uses Attacker-Supplied q (bsc#1266353).
- CVE-2026-45445: AES-OCB IV Ignored on EVP_Cipher() Path (bsc#1266355).
- CVE-2026-45446: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (bsc#1266356).
- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).
Patchnames: SUSE-SLES-16.0-1017
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
4.2 (Medium)
Affected products
Recommended
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
5 (Medium)
Affected products
Recommended
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
References
67 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-3",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-3 fixes the following issues\n\n- CVE-2026-2673: TLS 1.3 servers may choose unexpected key agreement group (bsc#1259652).\n- CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion (bsc#1266340).\n- CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption (bsc#1266341).\n- CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing (bsc#1266342).\n- CVE-2026-34182: CMS AuthEnvelopedData Processing May Accept Forged Messages (bsc#1266344).\n- CVE-2026-34183: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler (bsc#1266345).\n- CVE-2026-42764: NULL pointer dereference in QUIC server initial packet handling (bsc#1266347).\n- CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption (bsc#1266349).\n- CVE-2026-42767: NULL Pointer Dereference in CRMF EncryptedValue Decryption (bsc#1266350).\n- CVE-2026-42768: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() (bsc#1266351).\n- CVE-2026-42769: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate (bsc#1266352).\n- CVE-2026-42770: FFC-DH Peer Validation Uses Attacker-Supplied q (bsc#1266353).\n- CVE-2026-45445: AES-OCB IV Ignored on EVP_Cipher() Path (bsc#1266355).\n- CVE-2026-45446: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (bsc#1266356).\n- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-1017",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22315-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:22315-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622315-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:22315-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-July/027151.html"
},
{
"category": "self",
"summary": "SUSE Bug 1259652",
"url": "https://bugzilla.suse.com/1259652"
},
{
"category": "self",
"summary": "SUSE Bug 1266340",
"url": "https://bugzilla.suse.com/1266340"
},
{
"category": "self",
"summary": "SUSE Bug 1266341",
"url": "https://bugzilla.suse.com/1266341"
},
{
"category": "self",
"summary": "SUSE Bug 1266342",
"url": "https://bugzilla.suse.com/1266342"
},
{
"category": "self",
"summary": "SUSE Bug 1266344",
"url": "https://bugzilla.suse.com/1266344"
},
{
"category": "self",
"summary": "SUSE Bug 1266345",
"url": "https://bugzilla.suse.com/1266345"
},
{
"category": "self",
"summary": "SUSE Bug 1266347",
"url": "https://bugzilla.suse.com/1266347"
},
{
"category": "self",
"summary": "SUSE Bug 1266349",
"url": "https://bugzilla.suse.com/1266349"
},
{
"category": "self",
"summary": "SUSE Bug 1266350",
"url": "https://bugzilla.suse.com/1266350"
},
{
"category": "self",
"summary": "SUSE Bug 1266351",
"url": "https://bugzilla.suse.com/1266351"
},
{
"category": "self",
"summary": "SUSE Bug 1266352",
"url": "https://bugzilla.suse.com/1266352"
},
{
"category": "self",
"summary": "SUSE Bug 1266353",
"url": "https://bugzilla.suse.com/1266353"
},
{
"category": "self",
"summary": "SUSE Bug 1266355",
"url": "https://bugzilla.suse.com/1266355"
},
{
"category": "self",
"summary": "SUSE Bug 1266356",
"url": "https://bugzilla.suse.com/1266356"
},
{
"category": "self",
"summary": "SUSE Bug 1266357",
"url": "https://bugzilla.suse.com/1266357"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-2673 page",
"url": "https://www.suse.com/security/cve/CVE-2026-2673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34180 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34182 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34183 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42764 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42766 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42767 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42768 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42769 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42770 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45445 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45446 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45447 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45447/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-7383 page",
"url": "https://www.suse.com/security/cve/CVE-2026-7383/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-9076 page",
"url": "https://www.suse.com/security/cve/CVE-2026-9076/"
}
],
"title": "Security update for openssl-3",
"tracking": {
"current_release_date": "2026-06-22T12:23:46Z",
"generator": {
"date": "2026-06-22T12:23:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:22315-1",
"initial_release_date": "2026-06-22T12:23:46Z",
"revision_history": [
{
"date": "2026-06-22T12:23:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"product": {
"name": "libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"product_id": "libopenssl-3-devel-3.5.0-160000.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"product": {
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"product_id": "libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.5.0-160000.8.1.aarch64",
"product": {
"name": "libopenssl3-3.5.0-160000.8.1.aarch64",
"product_id": "libopenssl3-3.5.0-160000.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.5.0-160000.8.1.aarch64",
"product": {
"name": "openssl-3-3.5.0-160000.8.1.aarch64",
"product_id": "openssl-3-3.5.0-160000.8.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-3-doc-3.5.0-160000.8.1.noarch",
"product": {
"name": "openssl-3-doc-3.5.0-160000.8.1.noarch",
"product_id": "openssl-3-doc-3.5.0-160000.8.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"product": {
"name": "libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"product_id": "libopenssl-3-devel-3.5.0-160000.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"product": {
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"product_id": "libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.5.0-160000.8.1.ppc64le",
"product": {
"name": "libopenssl3-3.5.0-160000.8.1.ppc64le",
"product_id": "libopenssl3-3.5.0-160000.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-3-3.5.0-160000.8.1.ppc64le",
"product": {
"name": "openssl-3-3.5.0-160000.8.1.ppc64le",
"product_id": "openssl-3-3.5.0-160000.8.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"product": {
"name": "libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"product_id": "libopenssl-3-devel-3.5.0-160000.8.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"product": {
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"product_id": "libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.5.0-160000.8.1.s390x",
"product": {
"name": "libopenssl3-3.5.0-160000.8.1.s390x",
"product_id": "libopenssl3-3.5.0-160000.8.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-3-3.5.0-160000.8.1.s390x",
"product": {
"name": "openssl-3-3.5.0-160000.8.1.s390x",
"product_id": "openssl-3-3.5.0-160000.8.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"product": {
"name": "libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"product_id": "libopenssl-3-devel-3.5.0-160000.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"product": {
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"product_id": "libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"product": {
"name": "libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"product_id": "libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.5.0-160000.8.1.x86_64",
"product": {
"name": "libopenssl3-3.5.0-160000.8.1.x86_64",
"product_id": "libopenssl3-3.5.0-160000.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"product": {
"name": "libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"product_id": "libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.5.0-160000.8.1.x86_64",
"product": {
"name": "openssl-3-3.5.0-160000.8.1.x86_64",
"product_id": "openssl-3-3.5.0-160000.8.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.5.0-160000.8.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.5.0-160000.8.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.5.0-160000.8.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x"
},
"product_reference": "libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.5.0-160000.8.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64"
},
"product_reference": "libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le"
},
"product_reference": "libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x"
},
"product_reference": "libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64"
},
"product_reference": "libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64"
},
"product_reference": "libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.5.0-160000.8.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64"
},
"product_reference": "libopenssl3-3.5.0-160000.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.5.0-160000.8.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le"
},
"product_reference": "libopenssl3-3.5.0-160000.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.5.0-160000.8.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x"
},
"product_reference": "libopenssl3-3.5.0-160000.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.5.0-160000.8.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64"
},
"product_reference": "libopenssl3-3.5.0-160000.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64"
},
"product_reference": "libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.5.0-160000.8.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64"
},
"product_reference": "openssl-3-3.5.0-160000.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.5.0-160000.8.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le"
},
"product_reference": "openssl-3-3.5.0-160000.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.5.0-160000.8.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x"
},
"product_reference": "openssl-3-3.5.0-160000.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.5.0-160000.8.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64"
},
"product_reference": "openssl-3-3.5.0-160000.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-doc-3.5.0-160000.8.1.noarch as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
},
"product_reference": "openssl-3-doc-3.5.0-160000.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.5.0-160000.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.5.0-160000.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.5.0-160000.8.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x"
},
"product_reference": "libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.5.0-160000.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64"
},
"product_reference": "libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le"
},
"product_reference": "libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x"
},
"product_reference": "libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64"
},
"product_reference": "libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64"
},
"product_reference": "libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.5.0-160000.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64"
},
"product_reference": "libopenssl3-3.5.0-160000.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.5.0-160000.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le"
},
"product_reference": "libopenssl3-3.5.0-160000.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.5.0-160000.8.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x"
},
"product_reference": "libopenssl3-3.5.0-160000.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.5.0-160000.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64"
},
"product_reference": "libopenssl3-3.5.0-160000.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64"
},
"product_reference": "libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.5.0-160000.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64"
},
"product_reference": "openssl-3-3.5.0-160000.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.5.0-160000.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le"
},
"product_reference": "openssl-3-3.5.0-160000.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.5.0-160000.8.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x"
},
"product_reference": "openssl-3-3.5.0-160000.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.5.0-160000.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64"
},
"product_reference": "openssl-3-3.5.0-160000.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-doc-3.5.0-160000.8.1.noarch as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
},
"product_reference": "openssl-3-doc-3.5.0-160000.8.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-2673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-2673"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected\npreferred key exchange group when its key exchange group configuration includes\nthe default by using the \u0027DEFAULT\u0027 keyword.\n\nImpact summary: A less preferred key exchange may be used even when a more\npreferred group is supported by both client and server, if the group\nwas not included among the client\u0027s initial predicated keyshares.\nThis will sometimes be the case with the new hybrid post-quantum groups,\nif the client chooses to defer their use until specifically requested by\nthe server.\n\nIf an OpenSSL TLS 1.3 server\u0027s configuration uses the \u0027DEFAULT\u0027 keyword to\ninterpolate the built-in default group list into its own configuration, perhaps\nadding or removing specific elements, then an implementation defect causes the\n\u0027DEFAULT\u0027 list to lose its \u0027tuple\u0027 structure, and all server-supported groups\nwere treated as a single sufficiently secure \u0027tuple\u0027, with the server not\nsending a Hello Retry Request (HRR) even when a group in a more preferred tuple\nwas mutually supported.\n\nAs a result, the client and server might fail to negotiate a mutually supported\npost-quantum key agreement group, such as \u0027X25519MLKEM768\u0027, if the client\u0027s\nconfiguration results in only \u0027classical\u0027 groups (such as \u0027X25519\u0027 being the\nonly ones in the client\u0027s initial keyshare prediction).\n\nOpenSSL 3.5 and later support a new syntax for selecting the most preferred TLS\n1.3 key agreement group on TLS servers. The old syntax had a single \u0027flat\u0027\nlist of groups, and treated all the supported groups as sufficiently secure.\nIf any of the keyshares predicted by the client were supported by the server\nthe most preferred among these was selected, even if other groups supported by\nthe client, but not included in the list of predicted keyshares would have been\nmore preferred, if included.\n\nThe new syntax partitions the groups into distinct \u0027tuples\u0027 of roughly\nequivalent security. Within each tuple the most preferred group included among\nthe client\u0027s predicted keyshares is chosen, but if the client supports a group\nfrom a more preferred tuple, but did not predict any corresponding keyshares,\nthe server will ask the client to retry the ClientHello (by issuing a Hello\nRetry Request or HRR) with the most preferred mutually supported group.\n\nThe above works as expected when the server\u0027s configuration uses the built-in\ndefault group list, or explicitly defines its own list by directly defining the\nvarious desired groups and group \u0027tuples\u0027.\n\nNo OpenSSL FIPS modules are affected by this issue, the code in question lies\noutside the FIPS boundary.\n\nOpenSSL 3.6 and 3.5 are vulnerable to this issue.\n\nOpenSSL 3.6 users should upgrade to OpenSSL 3.6.2 once it is released.\nOpenSSL 3.5 users should upgrade to OpenSSL 3.5.6 once it is released.\n\nOpenSSL 3.4, 3.3, 3.0, 1.0.2 and 1.1.1 are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-2673",
"url": "https://www.suse.com/security/cve/CVE-2026-2673"
},
{
"category": "external",
"summary": "SUSE Bug 1259652 for CVE-2026-2673",
"url": "https://bugzilla.suse.com/1259652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-2673"
},
{
"cve": "CVE-2026-34180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34180"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive\nelement whose content exceeds 2 gigabytes in length may cause a heap buffer\nover-read on 64-bit Unix and Unix-like platforms.\n\nImpact summary: The heap buffer over-read may crash the application (Denial of\nService) or to load into the decoded ASN.1 object contents of memory beyond the\nend of the input buffer. More typically such ASN.1 elements would instead be\ntruncated.\n\nAn integer truncation in OpenSSL\u0027s ASN.1 decoder causes the content length of\nan ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the\nworst case the truncated length is treated as a request to scan the binary\ncontent for a terminating zero byte, possibly causing OpenSSL to read either\nless than or beyond the end of the allocated buffer.\n\nApplications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or\nany other d2i_* decoding function are affected. OpenSSL\u0027s own command-line\ntools are not vulnerable, as data read through the BIO layer is checked before\nit reaches the affected code. The issue only affects 64-bit Unix and Unix-like\nplatforms; 32-bit platforms and 64-bit Windows are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue,\nas the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34180",
"url": "https://www.suse.com/security/cve/CVE-2026-34180"
},
{
"category": "external",
"summary": "SUSE Bug 1266342 for CVE-2026-34180",
"url": "https://bugzilla.suse.com/1266342"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-34180"
},
{
"cve": "CVE-2026-34182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34182"
}
],
"notes": [
{
"category": "general",
"text": "Issue Summary: Cryptographic Message Services (CMS) processing fails to perform\nsufficient input validation on the cipher and tag length fields of\nAuthEnvelopedData containers, leading to various potential compromises.\n\nImpact Summary: Attackers making use of these vulnerabilities may achieve\nkey-equivalent functionality for a given CMS recipient and/or bypass integrity\nvalidation for a given message.\n\nIn one use case, an attacker may send a CMS message containing\nAuthEnvelopedData with the cipher specified as a non-AEAD cipher. OpenSSL\nerroneously allows this selection, and attempts to decrypt and validate the\nmessage.\n\nAn on-path attacker who captures one legitimate AES-GCM AuthEnvelopedData\naddressed to the victim can re-emit it with the recipientInfos set left\nbyte-for-byte intact, so the victim\u0027s private key still unwraps the genuine CEK\n(the content-encryption key), but with the inner OID rewritten to AES-256-OFB\n(Output Feedback Mode, an unauthenticated keystream mode) and with an\nattacker-chosen IV and ciphertext. The victim initializes AES-256-OFB under the\nreal CEK, never consults the MAC field, and CMS_decrypt() returns success.\n\nIf the application under attack responds to the attacker with any indicator\nshowing success or failure of the decryption effort, it is possible for the\nattacker to use this as an oracle to obtain key equivalent functionality for the\nCEK used for the chosen recipient of the message.\n\nIn another use case, an attacker can reduce the tag length of the chosen AEAD\ncipher for a given AuthEnvelopedData container to be a single byte long,\nallowing an attacker to brute force CMS decryption, producing an integrity\nbypass for applications that trust CMS_decrypt() to reject modified content.\n\nThe FIPS modules are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34182",
"url": "https://www.suse.com/security/cve/CVE-2026-34182"
},
{
"category": "external",
"summary": "SUSE Bug 1266344 for CVE-2026-34182",
"url": "https://bugzilla.suse.com/1266344"
},
{
"category": "external",
"summary": "SUSE Bug 1269279 for CVE-2026-34182",
"url": "https://bugzilla.suse.com/1269279"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-34182"
},
{
"cve": "CVE-2026-34183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34183"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Remote peer may exhaust heap memory of the QUIC\nserver or client by flooding it with packets containing PATH_CHALLENGE\nframes.\n\nImpact summary: A malicious remote peer can cause an unbounded\nmemory allocation which can lead to an abnormal termination of the\napplication acting as a QUIC client or server and a Denial of Service.\n\nA remote peer may exhaust heap memory by flooding the local\nQUIC stack with PATH_CHALLENGE frames. The local QUIC stack\nallocates a PATH_RESPONSE frame for every PATH_CHALLENGE it receives.\nThe allocated PATH_RESPONSE frame gets freed only when the remote\npeer acknowledges reception of the PATH_RESPONSE frame which will\nnot be done by a malicious peer.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by\nthis issue. The QUIC stack is outside of OpenSSL FIPS module\nboundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34183",
"url": "https://www.suse.com/security/cve/CVE-2026-34183"
},
{
"category": "external",
"summary": "SUSE Bug 1266345 for CVE-2026-34183",
"url": "https://bugzilla.suse.com/1266345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-34183"
},
{
"cve": "CVE-2026-42764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42764"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Receiving a QUIC initial packet with an invalid token may\ntrigger a NULL pointer dereference in the OpenSSL QUIC server with\naddress validation disabled.\n\nImpact summary: NULL pointer dereference typically causes abnormal termination\nof the affected QUIC server process and a Denial of Service.\n\nIf the address validation is disabled in the OpenSSL QUIC server\nimplementation, an attacker can crash the server by sending an initial\npacket with an invalid or expired token.\n\nBy default, the client address validation is enabled in the OpenSSL QUIC server\nimplementation, which makes the default configuration not vulnerable\nto this issue. However if the SSL_LISTENER_FLAG_NO_VALIDATE is used with\nthe SSL_new_listener() call, the address validation is disabled making the\nvulnerable code reachable.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42764",
"url": "https://www.suse.com/security/cve/CVE-2026-42764"
},
{
"category": "external",
"summary": "SUSE Bug 1266347 for CVE-2026-42764",
"url": "https://bugzilla.suse.com/1266347"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-42764"
},
{
"cve": "CVE-2026-42766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42766"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A specially crafted password-encrypted CMS message\ncan trigger a NULL pointer dereference during CMS decryption.\n\nImpact summary: This NULL pointer dereference leads to an application crash\nand a Denial of Service.\n\nThe CMS PasswordRecipientInfo.keyDerivationAlgorithm field is defined as\nOPTIONAL in the ASN.1 specification and may therefore be absent in specially\ncrafted inputs. During the password-based CMS decryption the OpenSSL\nCMS implementation dereferences this field without first checking whether it\nwas present.\n\nAn attacker who supplies such a CMS message to an application performing\npassword-based CMS decryption can trigger an application crash, leading to\na Denial of Service.\n\nApplications that process password-encrypted CMS messages may be affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42766",
"url": "https://www.suse.com/security/cve/CVE-2026-42766"
},
{
"category": "external",
"summary": "SUSE Bug 1266349 for CVE-2026-42766",
"url": "https://bugzilla.suse.com/1266349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-42766"
},
{
"cve": "CVE-2026-42767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42767"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: An attacker-controlled CMP (Certificate Management Protocol)\nserver could trigger a NULL pointer dereference in a CMP client application.\n\nImpact summary: A NULL pointer dereference causes a crash of the\napplication and a Denial of Service.\n\nAn attacker controlling a CMP server (or acting as a man-in-the-middle) could\ncraft a CMP response containing a CRMF (Certificate Request Message Format)\nCertRepMessage with an EncryptedValue structure where the symmAlg field\nhas an algorithm OID but no parameters field. When the OpenSSL CMP client\nprocesses this response, the NULL dereference occurs, causing a crash of\nthe CMP client.\n\nApplications that process untrusted CMP/CRMF messages may be affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42767",
"url": "https://www.suse.com/security/cve/CVE-2026-42767"
},
{
"category": "external",
"summary": "SUSE Bug 1266350 for CVE-2026-42767",
"url": "https://bugzilla.suse.com/1266350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-42767"
},
{
"cve": "CVE-2026-42768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42768"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnerable to\nBleichenbacher-style attack when an attacker is able to provide the CMS or\nS/MIME messages and observe the error code and/or decryption output.\n\nImpact summary: The Bleichenbacher-style attack allows an attacker to use the\nvictim\u0027s vulnerable application as a way to decrypt or sign messages with the\nvictim\u0027s private RSA key.\n\nThe attack is possible in 2 variants.\n\n1. The decryption API (CMS_decrypt(), PKCS7_decrypt()) is used without\nproviding the recipient certificate. In this case OpenSSL iterates over every\nKeyTransRecipientInfo (KTRI) without stopping at the first success.\n\nAn attacker who authors a message with two KTRI entries - the first one\nwrapping a real CEK under the victim\u0027s public key, the second with an\narbitrary probe ciphertext - obtains opportunity to iterate the 2nd KTRI to\nget a valid PKCS#1 v1.5 padding if the error code of the application is\navailable.\n\nThat is a Bleichenbacher oracle (Bleichenbacher, CRYPTO \u002798): an\nadaptive-chosen-ciphertext side channel from which the attacker decrypts any\nRSA ciphertext to the victim\u0027s key or forges any PKCS#1 v1.5 signature under\nit.\n\n2. When the decryption API (CMS_decrypt(), PKCS7_decrypt()) is provided with\nthe recipient certificate, and the recipient is not found, a random\nkey is substituted.\n\nAn attacker who authors a message and is able to compare both error code and\nthe result of the decryption, can mount a Bleichenbacher oracle.\n\nWe are not aware of any applications that provide a remote attacker\nan opportunity to mount an attack described in these scenarios. We consider\nthe existence of such application very unlikely, and for this reason this\nCVE has been evaluated as Low severity.\n\nTo avoid these attacks, when RSA PKCS#1 v1.5 Key Transport is in use, the\ninvoked EVP_PKEY_decrypt() will use the implicit rejection mechanism described\nin draft-irtf-cfrg-rsa-guidance. In previous OpenSSL releases the implicit\nrejection was explicitly disabled.\n\nThe implicit rejection mechanism always returns a plaintext value,\nthe symmetric key. This result is deterministic for the ciphertext and the\nprivate key. The length of the decryption result can happen to match the\nlength of the key of the symmetric cipher that was used for the content\nencryption. When a certificate is not provided, the last RecipientInfo\nproducing a key that looks valid will be used. It may cause getting garbage\ncontent on decryption. As a proper way to deal with this a recipient\ncertificate has to be provided to identify the particular RecipientInfo for\ndecryption.\n\nThe FIPS modules in 4.0, 3.6, 3.5, and 3.4 are not affected by this issue, as\nCMS and S/MIME processing happens outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42768",
"url": "https://www.suse.com/security/cve/CVE-2026-42768"
},
{
"category": "external",
"summary": "SUSE Bug 1266351 for CVE-2026-42768",
"url": "https://bugzilla.suse.com/1266351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-42768"
},
{
"cve": "CVE-2026-42769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42769"
}
],
"notes": [
{
"category": "general",
"text": "Issue Summary: An error in the callback used to verify the certificate\nprovided in a Root CA key update Certificate Management Protocol (CMP)\nmessage response rendered the certificate validation ineffectual, which\ncould lead to escalation of credentials from the Registration Authority (RA)\nlevel to the root Certification Authority (root CA) level.\n\nImpact Summary: The Registration Autority could replace the root CA\ncertificate for the CMP clients with an arbitrary root CA certificate.\n\nOne of the parts of the Certificate Management Protocol (CMP), specified in\nRFC 9810, is Root Certification Authority (root CA) key Rollover,\nwhich is sent by the server in a message with type \u0027id-it-rootCaKeyUpdate\u0027.\nAs part of these messages, \u0027newWithOld\u0027 certificate, the new root CA\ncertificate signed with the old root CA key, is provided, and verifying its\nsignature is crucial for transferring the trust from the old CA key to the\nnew one.\n\nThe \u0027id-it-rootCaKeyUpdate\u0027 messages are expected to be processed with\nOSSL_CMP_get1_rootCaKeyUpdate(), that is expected to verify the \u0027newWithOld\u0027\ncertificate. A typo in the certificate chain building code led to adding\nan incorrect certificate (\u0027newWithOld\u0027 instead of \u0027oldRoot\u0027) to the\ncertificate chain, rendering the certificate verification process ineffectual\n(only the issuer name and the algorithm OIDs were verified by other parts\nof the verification code).\n\nAn attacker who already has credentials that satisfy the CMP message\nprotection checks can generate a new key pair and use a crafted self-signed\ncertificate in its \u0027id-it-rootCaKeyUpdate\u0027 CMP messages which affected CMP\nclients would accept as a new trust anchor.\n\nSignificant preconditions for the attack (having valid RA-level credentials)\nare the reason the issue was assigned Low severity.\n\nThe FIPS modules are not affected by this issue, as the affected code is\noutside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42769",
"url": "https://www.suse.com/security/cve/CVE-2026-42769"
},
{
"category": "external",
"summary": "SUSE Bug 1266352 for CVE-2026-42769",
"url": "https://bugzilla.suse.com/1266352"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-42769"
},
{
"cve": "CVE-2026-42770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42770"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42)\npeer key, the peer key is not properly checked for the subgroup membership.\n\nImpact summary: A malicious peer which presents an X9.42 key carrying the\nvictim\u0027s p and g parameters, a forged q = r (a small prime factor of the\ncofactor (p\u22121)/q_local), and a public value Y of order r can recover the\nvictim\u0027s private key after a small number of key exchange attempts.\n\nWhen EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the\nsubgroup membership check Y^q \u2261 1 (mod p) is performed using the peer\u0027s\nown q parameter, not the local key\u0027s q. The peer\u0027s domain parameters are\nthen matched against the domain parameters of the private key, but the value\nof q is not compared.\n\nA malicious peer who presents an X9.42 key carrying the victim\u0027s p, g,\na forged q = r (a small prime factor of the cofactor), and a public\nvalue Y of order r passes all checks. The shared secret then takes only\nr distinct values, leaking priv mod r. Repeating for each small-prime\nfactor of the cofactor and combining via CRT recovers the full private\nkey (Lim-Lee / small-subgroup-confinement attack).\n\nThe realistic attack surface is narrow: principally CMP deployments with\nlong-lived RA/CA DHX keys and bespoke enterprise or government applications\nusing X9.42 DHX static keys with interactive protocols and therefore this\nissue was assigned Low severity.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are affected by this\nissue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42770",
"url": "https://www.suse.com/security/cve/CVE-2026-42770"
},
{
"category": "external",
"summary": "SUSE Bug 1266353 for CVE-2026-42770",
"url": "https://bugzilla.suse.com/1266353"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-42770"
},
{
"cve": "CVE-2026-45445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45445"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: When an application drives an AES-OCB context through the\npublic EVP_Cipher() one-shot interface, the application-supplied\ninitialisation vector (IV) is silently discarded.\n\nImpact summary: Every message encrypted under the same key uses the\nsame effective nonce regardless of the IV supplied by the caller,\nresulting in (key, nonce) reuse and loss of confidentiality. If the\nsame code path is used to compute the authentication tag, the tag\ndepends only on the (key, IV) pair and not on the plaintext or\nciphertext, allowing universal forgery of arbitrary ciphertext from a\nsingle captured message.\n\nOpenSSL provides two ways to drive a cipher: the documented streaming\ninterface (EVP_CipherUpdate / EVP_CipherFinal_ex) and a lower-level\none-shot, EVP_Cipher(), whose documentation explicitly recommends\nagainst use by applications in favour of EVP_CipherUpdate() and\nEVP_CipherFinal_ex(). The OCB provider\u0027s streaming handler flushes\nthe application-supplied IV into the OCB context before processing\ndata; the one-shot handler did not. Every call to EVP_Cipher() on an\nAES-OCB context therefore ran with the all-zero key-derived offset\nstate left by cipher initialisation, regardless of the caller\u0027s IV.\n\nIf EVP_EncryptFinal_ex() is subsequently used to obtain the\nauthentication tag, the deferred IV setup runs at that point and\nclears the running checksum that should have been accumulated over the\nplaintext. The resulting tag is a function of (key, IV) only and\nverifies against any ciphertext produced under the same (key, IV)\npair.\n\nThe OpenSSL SSL/TLS implementation is not affected: AES-OCB is not a\nTLS cipher suite, and libssl does not call EVP_Cipher() in any case.\nApplications that drive AES-OCB through the documented streaming AEAD\nAPI (EVP_CipherUpdate / EVP_CipherFinal_ex) are not affected. Only\napplications that combine the AES-OCB cipher with the EVP_Cipher()\none-shot API are vulnerable.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by\nthis issue, as AES-OCB is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45445",
"url": "https://www.suse.com/security/cve/CVE-2026-45445"
},
{
"category": "external",
"summary": "SUSE Bug 1266355 for CVE-2026-45445",
"url": "https://bugzilla.suse.com/1266355"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-45445"
},
{
"cve": "CVE-2026-45446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45446"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV\n(RFC 8452) mishandle the authentication of AAD (Additional Authenticated\nData) with an empty ciphertext allowing a forgery of such messages.\n\nImpact summary: An attacker can forge empty messages with arbitrary AAD\nto the victim\u0027s application using these ciphers.\n\nAES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) are nonce-misuse-resistant AEAD\nmodes: they accept a key, nonce, optional AAD (bytes that are authenticated\nbut not encrypted), and plaintext, and produces ciphertext plus a 16-byte\ntag. On decrypt, `EVP_DecryptFinal_ex()` is documented to return success only\nif the tag is verified succesfully.\n\nIn OpenSSL\u0027s provider implementation of these ciphers, the expected tag is\ncomputed only when decryption function is invoked with non-empty data.\nIf the caller supplies AAD and then calls `EVP_DecryptFinal_ex()` without\ninvocation of the ciphertext update, which can happen when the received\nciphertext length is zero, the tag is never recalculated and still holds its\nall-zeros value.\n\nWhen AES-GCM-SIV is used, an attacker who sends arbitrary AAD, empty\nciphertext, and all-zeros tag passes authentication under any key they do not\nknow, single-shot. When AES-SIV is used, for mounting the attack it\u0027s\nnecessary for the application to reuse the decryption context without\nresetting the key.\n\nAES-SIV is implemented since OpenSSL 3.0. AES-GCM-SIV is implemented since\nOpenSSL 3.2.\n\nNo protocols implemented in OpenSSL itself (TLS/CMS/PKCS7/HPKE/QUIC) support\neither AES-GCM-SIV or AES-SIV. To mount an attack, the applications must\nimplement their own protocol and use the EVP interface. Also they must skip the\nciphertext update when a message with an empty ciphertext arrives.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as these algorithms are not FIPS approved and the affected code is\noutside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45446",
"url": "https://www.suse.com/security/cve/CVE-2026-45446"
},
{
"category": "external",
"summary": "SUSE Bug 1266356 for CVE-2026-45446",
"url": "https://bugzilla.suse.com/1266356"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-45446"
},
{
"cve": "CVE-2026-45447",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45447"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could\ntrigger a use-after-free during PKCS#7 signature verification.\n\nImpact summary: A use-after-free may result in process crashes, heap\ncorruption, or potentially remote code execution.\n\nWhen processing a PKCS#7 or S/MIME signed message, if the SignedData\ndigestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may\nincorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent\nuse of the BIO by the calling application results in a use-after-free\ncondition.\n\nIn the common case this occurs when the application later calls\nBIO_free() on the BIO originally passed to PKCS7_verify(). Depending\non allocator behavior and application-specific BIO usage patterns, this\nmay result in a crash or other memory corruption. In some application\ncontexts this may potentially be exploitable for remote code execution.\n\nApplications that process PKCS#7 or S/MIME signed messages using OpenSSL\nPKCS#7 APIs may be affected. Applications using the CMS APIs for this\nprocessing are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45447",
"url": "https://www.suse.com/security/cve/CVE-2026-45447"
},
{
"category": "external",
"summary": "SUSE Bug 1266357 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1266357"
},
{
"category": "external",
"summary": "SUSE Bug 1266389 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1266389"
},
{
"category": "external",
"summary": "SUSE Bug 1268888 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1268888"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "important"
}
],
"title": "CVE-2026-45447"
},
{
"cve": "CVE-2026-7383",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-7383"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A signed integer overflow when sizing the destination\nbuffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap\nbuffer overflow.\n\nImpact summary: A heap buffer overflow may lead to a crash or possibly\nattacker controlled code execution or other undefined behaviour.\n\nIn ASN1_mbstring_copy() and ASN1_mbstring_ncopy() the destination\nsize for Unicode output is computed in a signed int: by left shift\nof the input character count for BMPSTRING (UTF-16) and\nUNIVERSALSTRING (UTF-32), and by summing per-character byte counts\nfor UTF8STRING. The calculation overflows when the input reaches\naround 2^30 characters. In the worst case (UNIVERSALSTRING at 2^30\ncharacters) the size wraps to zero, OPENSSL_malloc(1) is called, and\nthe subsequent character copy writes several gigabytes past the\none-byte allocation.\n\nX.509 certificate processing routes through ASN1_STRING_set_by_NID(),\nwhose DIRSTRING_TYPE mask excludes UNIVERSALSTRING and whose per-NID\nsize limits cap the input length; no network protocol or\ncertificate-handling path in OpenSSL exercises the overflow.\nTriggering the bug requires an application that calls\nASN1_mbstring_copy() or ASN1_mbstring_ncopy() directly, or registers\na custom string type via ASN1_STRING_TABLE_add(), with\nattacker-controlled input on the order of half a gigabyte or more.\nFor these reasons this issue was assigned Low severity.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by\nthis issue, as the affected code is outside the OpenSSL FIPS module\nboundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-7383",
"url": "https://www.suse.com/security/cve/CVE-2026-7383"
},
{
"category": "external",
"summary": "SUSE Bug 1266340 for CVE-2026-7383",
"url": "https://bugzilla.suse.com/1266340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-7383"
},
{
"cve": "CVE-2026-9076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-9076"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap)\nprocesses attacker-supplied CMS data, an attacker-chosen stream-mode KEK\ncipher can trigger a heap out-of-bounds read in kek_unwrap_key().\n\nImpact summary: A heap buffer over-read may trigger a crash which leads to\nDenial of Service for an application if the input buffer ends at a memory\npage boundary and the following page is unmapped. There is no information\ndisclosure as the over-read bytes are not revealed to the attacker.\n\nThe key unwrapping function performs a check-byte test as specified in the\nRFC that reads 7 bytes from a heap allocation that is based on the wrapped\nkey length from the message. There is a minimum length check based on the\nblock length of the wrapping cipher. However the cipher is selected from\nan OID carried in the attacker\u0027s PWRI keyEncryptionAlgorithm with no\nrequirement that the cipher be a block cipher. When an attacker selects\na stream-mode cipher the guard will be ineffective and the allocated buffer\ncontaining the unwrapped key can be too small to fit the check-bytes\nspecified in the RFC and a buffer over-read can happen.\n\nApplications calling CMS_decrypt() or CMS_decrypt_set1_password()\n(equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS\ndata are vulnerable to this issue. No password knowledge is required: the\nover-read happens during the unwrap attempt before any authentication\nsucceeds.\n\nThe over-read is limited to a few bytes and is not written to output, so\nthere is no information disclosure. Triggering a crash requires the\nallocation to border unmapped memory, which is unlikely with the normal\nallocator.\n\nThe FIPS modules are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-9076",
"url": "https://www.suse.com/security/cve/CVE-2026-9076"
},
{
"category": "external",
"summary": "SUSE Bug 1266341 for CVE-2026-9076",
"url": "https://bugzilla.suse.com/1266341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-devel-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl-3-fips-provider-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:libopenssl3-x86-64-v3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-3.5.0-160000.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:openssl-3-doc-3.5.0-160000.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T12:23:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-9076"
}
]
}
SUSE-SU-2026:2393-1
Vulnerability from csaf_suse - Published: 2026-06-15 08:06 - Updated: 2026-06-15 08:06Summary
Security update for openssl-3
Severity
Important
Notes
Title of the patch: Security update for openssl-3
Description of the patch: This update for openssl-3 fixes the following issues
- CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion (bsc#1266340).
- CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption (bsc#1266341).
- CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing (bsc#1266342).
- CVE-2026-34182: CMS AuthEnvelopedData Processing May Accept Forged Messages (bsc#1266344).
- CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption (bsc#1266349).
- CVE-2026-42770: FFC-DH Peer Validation Uses Attacker-Supplied q (bsc#1266353).
- CVE-2026-45445: AES-OCB IV Ignored on EVP_Cipher() Path (bsc#1266355).
- CVE-2026-45446: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (bsc#1266356).
- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).
Patchnames: SUSE-2026-2393,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2393,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2393
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5 (Medium)
Affected products
Recommended
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
41 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-3",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-3 fixes the following issues\n\n- CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion (bsc#1266340).\n- CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption (bsc#1266341).\n- CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing (bsc#1266342).\n- CVE-2026-34182: CMS AuthEnvelopedData Processing May Accept Forged Messages (bsc#1266344).\n- CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption (bsc#1266349).\n- CVE-2026-42770: FFC-DH Peer Validation Uses Attacker-Supplied q (bsc#1266353).\n- CVE-2026-45445: AES-OCB IV Ignored on EVP_Cipher() Path (bsc#1266355).\n- CVE-2026-45446: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (bsc#1266356).\n- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-2393,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2393,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2393",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_2393-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:2393-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262393-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:2393-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047322.html"
},
{
"category": "self",
"summary": "SUSE Bug 1266340",
"url": "https://bugzilla.suse.com/1266340"
},
{
"category": "self",
"summary": "SUSE Bug 1266341",
"url": "https://bugzilla.suse.com/1266341"
},
{
"category": "self",
"summary": "SUSE Bug 1266342",
"url": "https://bugzilla.suse.com/1266342"
},
{
"category": "self",
"summary": "SUSE Bug 1266344",
"url": "https://bugzilla.suse.com/1266344"
},
{
"category": "self",
"summary": "SUSE Bug 1266349",
"url": "https://bugzilla.suse.com/1266349"
},
{
"category": "self",
"summary": "SUSE Bug 1266353",
"url": "https://bugzilla.suse.com/1266353"
},
{
"category": "self",
"summary": "SUSE Bug 1266355",
"url": "https://bugzilla.suse.com/1266355"
},
{
"category": "self",
"summary": "SUSE Bug 1266356",
"url": "https://bugzilla.suse.com/1266356"
},
{
"category": "self",
"summary": "SUSE Bug 1266357",
"url": "https://bugzilla.suse.com/1266357"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34180 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34182 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42766 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42770 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45445 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45446 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45447 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45447/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-7383 page",
"url": "https://www.suse.com/security/cve/CVE-2026-7383/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-9076 page",
"url": "https://www.suse.com/security/cve/CVE-2026-9076/"
}
],
"title": "Security update for openssl-3",
"tracking": {
"current_release_date": "2026-06-15T08:06:06Z",
"generator": {
"date": "2026-06-15T08:06:06Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:2393-1",
"initial_release_date": "2026-06-15T08:06:06Z",
"revision_history": [
{
"date": "2026-06-15T08:06:06Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"product": {
"name": "libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"product_id": "libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"product": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"product_id": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.1.4-150600.5.53.1.aarch64",
"product": {
"name": "libopenssl3-3.1.4-150600.5.53.1.aarch64",
"product_id": "libopenssl3-3.1.4-150600.5.53.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.1.4-150600.5.53.1.aarch64",
"product": {
"name": "openssl-3-3.1.4-150600.5.53.1.aarch64",
"product_id": "openssl-3-3.1.4-150600.5.53.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-64bit-3.1.4-150600.5.53.1.aarch64_ilp32",
"product": {
"name": "libopenssl-3-devel-64bit-3.1.4-150600.5.53.1.aarch64_ilp32",
"product_id": "libopenssl-3-devel-64bit-3.1.4-150600.5.53.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-64bit-3.1.4-150600.5.53.1.aarch64_ilp32",
"product": {
"name": "libopenssl-3-fips-provider-64bit-3.1.4-150600.5.53.1.aarch64_ilp32",
"product_id": "libopenssl-3-fips-provider-64bit-3.1.4-150600.5.53.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl3-64bit-3.1.4-150600.5.53.1.aarch64_ilp32",
"product": {
"name": "libopenssl3-64bit-3.1.4-150600.5.53.1.aarch64_ilp32",
"product_id": "libopenssl3-64bit-3.1.4-150600.5.53.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.1.4-150600.5.53.1.i586",
"product": {
"name": "libopenssl-3-devel-3.1.4-150600.5.53.1.i586",
"product_id": "libopenssl-3-devel-3.1.4-150600.5.53.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.i586",
"product": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.i586",
"product_id": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.1.4-150600.5.53.1.i586",
"product": {
"name": "libopenssl3-3.1.4-150600.5.53.1.i586",
"product_id": "libopenssl3-3.1.4-150600.5.53.1.i586"
}
},
{
"category": "product_version",
"name": "openssl-3-3.1.4-150600.5.53.1.i586",
"product": {
"name": "openssl-3-3.1.4-150600.5.53.1.i586",
"product_id": "openssl-3-3.1.4-150600.5.53.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-3-doc-3.1.4-150600.5.53.1.noarch",
"product": {
"name": "openssl-3-doc-3.1.4-150600.5.53.1.noarch",
"product_id": "openssl-3-doc-3.1.4-150600.5.53.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"product": {
"name": "libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"product_id": "libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"product": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"product_id": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"product": {
"name": "libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"product_id": "libopenssl3-3.1.4-150600.5.53.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-3-3.1.4-150600.5.53.1.ppc64le",
"product": {
"name": "openssl-3-3.1.4-150600.5.53.1.ppc64le",
"product_id": "openssl-3-3.1.4-150600.5.53.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"product": {
"name": "libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"product_id": "libopenssl-3-devel-3.1.4-150600.5.53.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"product": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"product_id": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.1.4-150600.5.53.1.s390x",
"product": {
"name": "libopenssl3-3.1.4-150600.5.53.1.s390x",
"product_id": "libopenssl3-3.1.4-150600.5.53.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-3-3.1.4-150600.5.53.1.s390x",
"product": {
"name": "openssl-3-3.1.4-150600.5.53.1.s390x",
"product_id": "openssl-3-3.1.4-150600.5.53.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"product": {
"name": "libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"product_id": "libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-devel-32bit-3.1.4-150600.5.53.1.x86_64",
"product": {
"name": "libopenssl-3-devel-32bit-3.1.4-150600.5.53.1.x86_64",
"product_id": "libopenssl-3-devel-32bit-3.1.4-150600.5.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"product": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"product_id": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"product": {
"name": "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"product_id": "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.1.4-150600.5.53.1.x86_64",
"product": {
"name": "libopenssl3-3.1.4-150600.5.53.1.x86_64",
"product_id": "libopenssl3-3.1.4-150600.5.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"product": {
"name": "libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"product_id": "libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.1.4-150600.5.53.1.x86_64",
"product": {
"name": "openssl-3-3.1.4-150600.5.53.1.x86_64",
"product_id": "openssl-3-3.1.4-150600.5.53.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP6",
"product_id": "SUSE Linux Enterprise Server 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-150600.5.53.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x"
},
"product_reference": "libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64"
},
"product_reference": "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-150600.5.53.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64"
},
"product_reference": "libopenssl3-3.1.4-150600.5.53.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-150600.5.53.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le"
},
"product_reference": "libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-150600.5.53.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x"
},
"product_reference": "libopenssl3-3.1.4-150600.5.53.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-150600.5.53.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64"
},
"product_reference": "libopenssl3-3.1.4-150600.5.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64"
},
"product_reference": "libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-150600.5.53.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64"
},
"product_reference": "openssl-3-3.1.4-150600.5.53.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-150600.5.53.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le"
},
"product_reference": "openssl-3-3.1.4-150600.5.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-150600.5.53.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x"
},
"product_reference": "openssl-3-3.1.4-150600.5.53.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-150600.5.53.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64"
},
"product_reference": "openssl-3-3.1.4-150600.5.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-150600.5.53.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x"
},
"product_reference": "libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64"
},
"product_reference": "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-150600.5.53.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64"
},
"product_reference": "libopenssl3-3.1.4-150600.5.53.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-150600.5.53.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le"
},
"product_reference": "libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-150600.5.53.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x"
},
"product_reference": "libopenssl3-3.1.4-150600.5.53.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-150600.5.53.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64"
},
"product_reference": "libopenssl3-3.1.4-150600.5.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64"
},
"product_reference": "libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-150600.5.53.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64"
},
"product_reference": "openssl-3-3.1.4-150600.5.53.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-150600.5.53.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le"
},
"product_reference": "openssl-3-3.1.4-150600.5.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-150600.5.53.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x"
},
"product_reference": "openssl-3-3.1.4-150600.5.53.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-150600.5.53.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
},
"product_reference": "openssl-3-3.1.4-150600.5.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64"
},
"product_reference": "libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64"
},
"product_reference": "libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-150600.5.53.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le"
},
"product_reference": "libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.1.4-150600.5.53.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64"
},
"product_reference": "libopenssl3-3.1.4-150600.5.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64"
},
"product_reference": "libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-150600.5.53.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le"
},
"product_reference": "openssl-3-3.1.4-150600.5.53.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.1.4-150600.5.53.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
},
"product_reference": "openssl-3-3.1.4-150600.5.53.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-34180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34180"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive\nelement whose content exceeds 2 gigabytes in length may cause a heap buffer\nover-read on 64-bit Unix and Unix-like platforms.\n\nImpact summary: The heap buffer over-read may crash the application (Denial of\nService) or to load into the decoded ASN.1 object contents of memory beyond the\nend of the input buffer. More typically such ASN.1 elements would instead be\ntruncated.\n\nAn integer truncation in OpenSSL\u0027s ASN.1 decoder causes the content length of\nan ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the\nworst case the truncated length is treated as a request to scan the binary\ncontent for a terminating zero byte, possibly causing OpenSSL to read either\nless than or beyond the end of the allocated buffer.\n\nApplications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or\nany other d2i_* decoding function are affected. OpenSSL\u0027s own command-line\ntools are not vulnerable, as data read through the BIO layer is checked before\nit reaches the affected code. The issue only affects 64-bit Unix and Unix-like\nplatforms; 32-bit platforms and 64-bit Windows are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue,\nas the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34180",
"url": "https://www.suse.com/security/cve/CVE-2026-34180"
},
{
"category": "external",
"summary": "SUSE Bug 1266342 for CVE-2026-34180",
"url": "https://bugzilla.suse.com/1266342"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T08:06:06Z",
"details": "moderate"
}
],
"title": "CVE-2026-34180"
},
{
"cve": "CVE-2026-34182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34182"
}
],
"notes": [
{
"category": "general",
"text": "Issue Summary: Cryptographic Message Services (CMS) processing fails to perform\nsufficient input validation on the cipher and tag length fields of\nAuthEnvelopedData containers, leading to various potential compromises.\n\nImpact Summary: Attackers making use of these vulnerabilities may achieve\nkey-equivalent functionality for a given CMS recipient and/or bypass integrity\nvalidation for a given message.\n\nIn one use case, an attacker may send a CMS message containing\nAuthEnvelopedData with the cipher specified as a non-AEAD cipher. OpenSSL\nerroneously allows this selection, and attempts to decrypt and validate the\nmessage.\n\nAn on-path attacker who captures one legitimate AES-GCM AuthEnvelopedData\naddressed to the victim can re-emit it with the recipientInfos set left\nbyte-for-byte intact, so the victim\u0027s private key still unwraps the genuine CEK\n(the content-encryption key), but with the inner OID rewritten to AES-256-OFB\n(Output Feedback Mode, an unauthenticated keystream mode) and with an\nattacker-chosen IV and ciphertext. The victim initializes AES-256-OFB under the\nreal CEK, never consults the MAC field, and CMS_decrypt() returns success.\n\nIf the application under attack responds to the attacker with any indicator\nshowing success or failure of the decryption effort, it is possible for the\nattacker to use this as an oracle to obtain key equivalent functionality for the\nCEK used for the chosen recipient of the message.\n\nIn another use case, an attacker can reduce the tag length of the chosen AEAD\ncipher for a given AuthEnvelopedData container to be a single byte long,\nallowing an attacker to brute force CMS decryption, producing an integrity\nbypass for applications that trust CMS_decrypt() to reject modified content.\n\nThe FIPS modules are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34182",
"url": "https://www.suse.com/security/cve/CVE-2026-34182"
},
{
"category": "external",
"summary": "SUSE Bug 1266344 for CVE-2026-34182",
"url": "https://bugzilla.suse.com/1266344"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T08:06:06Z",
"details": "moderate"
}
],
"title": "CVE-2026-34182"
},
{
"cve": "CVE-2026-42766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42766"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A specially crafted password-encrypted CMS message\ncan trigger a NULL pointer dereference during CMS decryption.\n\nImpact summary: This NULL pointer dereference leads to an application crash\nand a Denial of Service.\n\nThe CMS PasswordRecipientInfo.keyDerivationAlgorithm field is defined as\nOPTIONAL in the ASN.1 specification and may therefore be absent in specially\ncrafted inputs. During the password-based CMS decryption the OpenSSL\nCMS implementation dereferences this field without first checking whether it\nwas present.\n\nAn attacker who supplies such a CMS message to an application performing\npassword-based CMS decryption can trigger an application crash, leading to\na Denial of Service.\n\nApplications that process password-encrypted CMS messages may be affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42766",
"url": "https://www.suse.com/security/cve/CVE-2026-42766"
},
{
"category": "external",
"summary": "SUSE Bug 1266349 for CVE-2026-42766",
"url": "https://bugzilla.suse.com/1266349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T08:06:06Z",
"details": "moderate"
}
],
"title": "CVE-2026-42766"
},
{
"cve": "CVE-2026-42770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42770"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42)\npeer key, the peer key is not properly checked for the subgroup membership.\n\nImpact summary: A malicious peer which presents an X9.42 key carrying the\nvictim\u0027s p and g parameters, a forged q = r (a small prime factor of the\ncofactor (p\u22121)/q_local), and a public value Y of order r can recover the\nvictim\u0027s private key after a small number of key exchange attempts.\n\nWhen EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the\nsubgroup membership check Y^q \u2261 1 (mod p) is performed using the peer\u0027s\nown q parameter, not the local key\u0027s q. The peer\u0027s domain parameters are\nthen matched against the domain parameters of the private key, but the value\nof q is not compared.\n\nA malicious peer who presents an X9.42 key carrying the victim\u0027s p, g,\na forged q = r (a small prime factor of the cofactor), and a public\nvalue Y of order r passes all checks. The shared secret then takes only\nr distinct values, leaking priv mod r. Repeating for each small-prime\nfactor of the cofactor and combining via CRT recovers the full private\nkey (Lim-Lee / small-subgroup-confinement attack).\n\nThe realistic attack surface is narrow: principally CMP deployments with\nlong-lived RA/CA DHX keys and bespoke enterprise or government applications\nusing X9.42 DHX static keys with interactive protocols and therefore this\nissue was assigned Low severity.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are affected by this\nissue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42770",
"url": "https://www.suse.com/security/cve/CVE-2026-42770"
},
{
"category": "external",
"summary": "SUSE Bug 1266353 for CVE-2026-42770",
"url": "https://bugzilla.suse.com/1266353"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T08:06:06Z",
"details": "moderate"
}
],
"title": "CVE-2026-42770"
},
{
"cve": "CVE-2026-45445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45445"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: When an application drives an AES-OCB context through the\npublic EVP_Cipher() one-shot interface, the application-supplied\ninitialisation vector (IV) is silently discarded.\n\nImpact summary: Every message encrypted under the same key uses the\nsame effective nonce regardless of the IV supplied by the caller,\nresulting in (key, nonce) reuse and loss of confidentiality. If the\nsame code path is used to compute the authentication tag, the tag\ndepends only on the (key, IV) pair and not on the plaintext or\nciphertext, allowing universal forgery of arbitrary ciphertext from a\nsingle captured message.\n\nOpenSSL provides two ways to drive a cipher: the documented streaming\ninterface (EVP_CipherUpdate / EVP_CipherFinal_ex) and a lower-level\none-shot, EVP_Cipher(), whose documentation explicitly recommends\nagainst use by applications in favour of EVP_CipherUpdate() and\nEVP_CipherFinal_ex(). The OCB provider\u0027s streaming handler flushes\nthe application-supplied IV into the OCB context before processing\ndata; the one-shot handler did not. Every call to EVP_Cipher() on an\nAES-OCB context therefore ran with the all-zero key-derived offset\nstate left by cipher initialisation, regardless of the caller\u0027s IV.\n\nIf EVP_EncryptFinal_ex() is subsequently used to obtain the\nauthentication tag, the deferred IV setup runs at that point and\nclears the running checksum that should have been accumulated over the\nplaintext. The resulting tag is a function of (key, IV) only and\nverifies against any ciphertext produced under the same (key, IV)\npair.\n\nThe OpenSSL SSL/TLS implementation is not affected: AES-OCB is not a\nTLS cipher suite, and libssl does not call EVP_Cipher() in any case.\nApplications that drive AES-OCB through the documented streaming AEAD\nAPI (EVP_CipherUpdate / EVP_CipherFinal_ex) are not affected. Only\napplications that combine the AES-OCB cipher with the EVP_Cipher()\none-shot API are vulnerable.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by\nthis issue, as AES-OCB is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45445",
"url": "https://www.suse.com/security/cve/CVE-2026-45445"
},
{
"category": "external",
"summary": "SUSE Bug 1266355 for CVE-2026-45445",
"url": "https://bugzilla.suse.com/1266355"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T08:06:06Z",
"details": "moderate"
}
],
"title": "CVE-2026-45445"
},
{
"cve": "CVE-2026-45446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45446"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV\n(RFC 8452) mishandle the authentication of AAD (Additional Authenticated\nData) with an empty ciphertext allowing a forgery of such messages.\n\nImpact summary: An attacker can forge empty messages with arbitrary AAD\nto the victim\u0027s application using these ciphers.\n\nAES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) are nonce-misuse-resistant AEAD\nmodes: they accept a key, nonce, optional AAD (bytes that are authenticated\nbut not encrypted), and plaintext, and produces ciphertext plus a 16-byte\ntag. On decrypt, `EVP_DecryptFinal_ex()` is documented to return success only\nif the tag is verified succesfully.\n\nIn OpenSSL\u0027s provider implementation of these ciphers, the expected tag is\ncomputed only when decryption function is invoked with non-empty data.\nIf the caller supplies AAD and then calls `EVP_DecryptFinal_ex()` without\ninvocation of the ciphertext update, which can happen when the received\nciphertext length is zero, the tag is never recalculated and still holds its\nall-zeros value.\n\nWhen AES-GCM-SIV is used, an attacker who sends arbitrary AAD, empty\nciphertext, and all-zeros tag passes authentication under any key they do not\nknow, single-shot. When AES-SIV is used, for mounting the attack it\u0027s\nnecessary for the application to reuse the decryption context without\nresetting the key.\n\nAES-SIV is implemented since OpenSSL 3.0. AES-GCM-SIV is implemented since\nOpenSSL 3.2.\n\nNo protocols implemented in OpenSSL itself (TLS/CMS/PKCS7/HPKE/QUIC) support\neither AES-GCM-SIV or AES-SIV. To mount an attack, the applications must\nimplement their own protocol and use the EVP interface. Also they must skip the\nciphertext update when a message with an empty ciphertext arrives.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as these algorithms are not FIPS approved and the affected code is\noutside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45446",
"url": "https://www.suse.com/security/cve/CVE-2026-45446"
},
{
"category": "external",
"summary": "SUSE Bug 1266356 for CVE-2026-45446",
"url": "https://bugzilla.suse.com/1266356"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T08:06:06Z",
"details": "moderate"
}
],
"title": "CVE-2026-45446"
},
{
"cve": "CVE-2026-45447",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45447"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could\ntrigger a use-after-free during PKCS#7 signature verification.\n\nImpact summary: A use-after-free may result in process crashes, heap\ncorruption, or potentially remote code execution.\n\nWhen processing a PKCS#7 or S/MIME signed message, if the SignedData\ndigestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may\nincorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent\nuse of the BIO by the calling application results in a use-after-free\ncondition.\n\nIn the common case this occurs when the application later calls\nBIO_free() on the BIO originally passed to PKCS7_verify(). Depending\non allocator behavior and application-specific BIO usage patterns, this\nmay result in a crash or other memory corruption. In some application\ncontexts this may potentially be exploitable for remote code execution.\n\nApplications that process PKCS#7 or S/MIME signed messages using OpenSSL\nPKCS#7 APIs may be affected. Applications using the CMS APIs for this\nprocessing are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45447",
"url": "https://www.suse.com/security/cve/CVE-2026-45447"
},
{
"category": "external",
"summary": "SUSE Bug 1266357 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1266357"
},
{
"category": "external",
"summary": "SUSE Bug 1266389 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1266389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T08:06:06Z",
"details": "important"
}
],
"title": "CVE-2026-45447"
},
{
"cve": "CVE-2026-7383",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-7383"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A signed integer overflow when sizing the destination\nbuffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap\nbuffer overflow.\n\nImpact summary: A heap buffer overflow may lead to a crash or possibly\nattacker controlled code execution or other undefined behaviour.\n\nIn ASN1_mbstring_copy() and ASN1_mbstring_ncopy() the destination\nsize for Unicode output is computed in a signed int: by left shift\nof the input character count for BMPSTRING (UTF-16) and\nUNIVERSALSTRING (UTF-32), and by summing per-character byte counts\nfor UTF8STRING. The calculation overflows when the input reaches\naround 2^30 characters. In the worst case (UNIVERSALSTRING at 2^30\ncharacters) the size wraps to zero, OPENSSL_malloc(1) is called, and\nthe subsequent character copy writes several gigabytes past the\none-byte allocation.\n\nX.509 certificate processing routes through ASN1_STRING_set_by_NID(),\nwhose DIRSTRING_TYPE mask excludes UNIVERSALSTRING and whose per-NID\nsize limits cap the input length; no network protocol or\ncertificate-handling path in OpenSSL exercises the overflow.\nTriggering the bug requires an application that calls\nASN1_mbstring_copy() or ASN1_mbstring_ncopy() directly, or registers\na custom string type via ASN1_STRING_TABLE_add(), with\nattacker-controlled input on the order of half a gigabyte or more.\nFor these reasons this issue was assigned Low severity.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by\nthis issue, as the affected code is outside the OpenSSL FIPS module\nboundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-7383",
"url": "https://www.suse.com/security/cve/CVE-2026-7383"
},
{
"category": "external",
"summary": "SUSE Bug 1266340 for CVE-2026-7383",
"url": "https://bugzilla.suse.com/1266340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T08:06:06Z",
"details": "moderate"
}
],
"title": "CVE-2026-7383"
},
{
"cve": "CVE-2026-9076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-9076"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap)\nprocesses attacker-supplied CMS data, an attacker-chosen stream-mode KEK\ncipher can trigger a heap out-of-bounds read in kek_unwrap_key().\n\nImpact summary: A heap buffer over-read may trigger a crash which leads to\nDenial of Service for an application if the input buffer ends at a memory\npage boundary and the following page is unmapped. There is no information\ndisclosure as the over-read bytes are not revealed to the attacker.\n\nThe key unwrapping function performs a check-byte test as specified in the\nRFC that reads 7 bytes from a heap allocation that is based on the wrapped\nkey length from the message. There is a minimum length check based on the\nblock length of the wrapping cipher. However the cipher is selected from\nan OID carried in the attacker\u0027s PWRI keyEncryptionAlgorithm with no\nrequirement that the cipher be a block cipher. When an attacker selects\na stream-mode cipher the guard will be ineffective and the allocated buffer\ncontaining the unwrapped key can be too small to fit the check-bytes\nspecified in the RFC and a buffer over-read can happen.\n\nApplications calling CMS_decrypt() or CMS_decrypt_set1_password()\n(equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS\ndata are vulnerable to this issue. No password knowledge is required: the\nover-read happens during the unwrap attempt before any authentication\nsucceeds.\n\nThe over-read is limited to a few bytes and is not written to output, so\nthere is no information disclosure. Triggering a crash requires the\nallocation to border unmapped memory, which is unlikely with the normal\nallocator.\n\nThe FIPS modules are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-9076",
"url": "https://www.suse.com/security/cve/CVE-2026-9076"
},
{
"category": "external",
"summary": "SUSE Bug 1266341 for CVE-2026-9076",
"url": "https://bugzilla.suse.com/1266341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-devel-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-3-fips-provider-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl3-32bit-3.1.4-150600.5.53.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-3-3.1.4-150600.5.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T08:06:06Z",
"details": "moderate"
}
],
"title": "CVE-2026-9076"
}
]
}
SUSE-SU-2026:2396-1
Vulnerability from csaf_suse - Published: 2026-06-15 14:34 - Updated: 2026-06-15 14:34Summary
Security update for openssl-1_0_0
Severity
Important
Notes
Title of the patch: Security update for openssl-1_0_0
Description of the patch: This update for openssl-1_0_0 fixes the following issues
- CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion (bsc#1266340).
- CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption (bsc#1266341).
- CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL (bsc#1260442).
- CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo (bsc#1260443).
- CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing (bsc#1266342).
- CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption (bsc#1266349).
- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).
- NULL pointer dereference when processing an OCSP response (bsc#1260446).
Patchnames: SUSE-2026-2396,SUSE-SLE-SERVER-12-SP5-LTSS-2026-2396,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2396
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
References
34 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-1_0_0",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-1_0_0 fixes the following issues\n\n- CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion (bsc#1266340).\n- CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption (bsc#1266341).\n- CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL (bsc#1260442).\n- CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo (bsc#1260443).\n- CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing (bsc#1266342).\n- CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption (bsc#1266349).\n- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).\n- NULL pointer dereference when processing an OCSP response (bsc#1260446).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-2396,SUSE-SLE-SERVER-12-SP5-LTSS-2026-2396,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2396",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_2396-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:2396-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262396-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:2396-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047328.html"
},
{
"category": "self",
"summary": "SUSE Bug 1260442",
"url": "https://bugzilla.suse.com/1260442"
},
{
"category": "self",
"summary": "SUSE Bug 1260443",
"url": "https://bugzilla.suse.com/1260443"
},
{
"category": "self",
"summary": "SUSE Bug 1260446",
"url": "https://bugzilla.suse.com/1260446"
},
{
"category": "self",
"summary": "SUSE Bug 1266340",
"url": "https://bugzilla.suse.com/1266340"
},
{
"category": "self",
"summary": "SUSE Bug 1266341",
"url": "https://bugzilla.suse.com/1266341"
},
{
"category": "self",
"summary": "SUSE Bug 1266342",
"url": "https://bugzilla.suse.com/1266342"
},
{
"category": "self",
"summary": "SUSE Bug 1266349",
"url": "https://bugzilla.suse.com/1266349"
},
{
"category": "self",
"summary": "SUSE Bug 1266357",
"url": "https://bugzilla.suse.com/1266357"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-28388 page",
"url": "https://www.suse.com/security/cve/CVE-2026-28388/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-28389 page",
"url": "https://www.suse.com/security/cve/CVE-2026-28389/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34180 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42766 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45447 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45447/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-7383 page",
"url": "https://www.suse.com/security/cve/CVE-2026-7383/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-9076 page",
"url": "https://www.suse.com/security/cve/CVE-2026-9076/"
}
],
"title": "Security update for openssl-1_0_0",
"tracking": {
"current_release_date": "2026-06-15T14:34:21Z",
"generator": {
"date": "2026-06-15T14:34:21Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:2396-1",
"initial_release_date": "2026-06-15T14:34:21Z",
"revision_history": [
{
"date": "2026-06-15T14:34:21Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"product": {
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"product_id": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"product": {
"name": "libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"product_id": "libopenssl1_0_0-1.0.2p-3.109.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"product": {
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"product_id": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"product": {
"name": "openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"product_id": "openssl-1_0_0-1.0.2p-3.109.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_0_0-devel-64bit-1.0.2p-3.109.1.aarch64_ilp32",
"product": {
"name": "libopenssl-1_0_0-devel-64bit-1.0.2p-3.109.1.aarch64_ilp32",
"product_id": "libopenssl-1_0_0-devel-64bit-1.0.2p-3.109.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-64bit-1.0.2p-3.109.1.aarch64_ilp32",
"product": {
"name": "libopenssl1_0_0-64bit-1.0.2p-3.109.1.aarch64_ilp32",
"product_id": "libopenssl1_0_0-64bit-1.0.2p-3.109.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-64bit-1.0.2p-3.109.1.aarch64_ilp32",
"product": {
"name": "libopenssl1_0_0-hmac-64bit-1.0.2p-3.109.1.aarch64_ilp32",
"product_id": "libopenssl1_0_0-hmac-64bit-1.0.2p-3.109.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.i586",
"product": {
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.i586",
"product_id": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.2p-3.109.1.i586",
"product": {
"name": "libopenssl1_0_0-1.0.2p-3.109.1.i586",
"product_id": "libopenssl1_0_0-1.0.2p-3.109.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.i586",
"product": {
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.i586",
"product_id": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.i586"
}
},
{
"category": "product_version",
"name": "openssl-1_0_0-1.0.2p-3.109.1.i586",
"product": {
"name": "openssl-1_0_0-1.0.2p-3.109.1.i586",
"product_id": "openssl-1_0_0-1.0.2p-3.109.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"product": {
"name": "openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"product_id": "openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"product": {
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"product_id": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"product": {
"name": "libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"product_id": "libopenssl1_0_0-1.0.2p-3.109.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"product": {
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"product_id": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"product": {
"name": "openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"product_id": "openssl-1_0_0-1.0.2p-3.109.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390",
"product": {
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390",
"product_id": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.2p-3.109.1.s390",
"product": {
"name": "libopenssl1_0_0-1.0.2p-3.109.1.s390",
"product_id": "libopenssl1_0_0-1.0.2p-3.109.1.s390"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390",
"product": {
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390",
"product_id": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390"
}
},
{
"category": "product_version",
"name": "openssl-1_0_0-1.0.2p-3.109.1.s390",
"product": {
"name": "openssl-1_0_0-1.0.2p-3.109.1.s390",
"product_id": "openssl-1_0_0-1.0.2p-3.109.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"product": {
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"product_id": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"product": {
"name": "libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"product_id": "libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"product": {
"name": "libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"product_id": "libopenssl1_0_0-1.0.2p-3.109.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"product": {
"name": "libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"product_id": "libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"product": {
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"product_id": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"product": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"product_id": "libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-1_0_0-1.0.2p-3.109.1.s390x",
"product": {
"name": "openssl-1_0_0-1.0.2p-3.109.1.s390x",
"product_id": "openssl-1_0_0-1.0.2p-3.109.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"product": {
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"product_id": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"product": {
"name": "libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"product_id": "libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"product": {
"name": "libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"product_id": "libopenssl1_0_0-1.0.2p-3.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"product": {
"name": "libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"product_id": "libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"product": {
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"product_id": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"product": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"product_id": "libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"product": {
"name": "openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"product_id": "openssl-1_0_0-1.0.2p-3.109.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x"
},
"product_reference": "libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-3.109.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-3.109.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-3.109.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x"
},
"product_reference": "libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x"
},
"product_reference": "libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-3.109.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64"
},
"product_reference": "openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-3.109.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le"
},
"product_reference": "openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-3.109.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x"
},
"product_reference": "openssl-1_0_0-1.0.2p-3.109.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64"
},
"product_reference": "openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-doc-1.0.2p-3.109.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
},
"product_reference": "openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x"
},
"product_reference": "libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-3.109.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-3.109.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-3.109.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x"
},
"product_reference": "libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x"
},
"product_reference": "libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-3.109.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64"
},
"product_reference": "openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-3.109.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le"
},
"product_reference": "openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-3.109.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x"
},
"product_reference": "openssl-1_0_0-1.0.2p-3.109.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64"
},
"product_reference": "openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-doc-1.0.2p-3.109.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
},
"product_reference": "openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64"
},
"product_reference": "libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64"
},
"product_reference": "libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64"
},
"product_reference": "libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64"
},
"product_reference": "libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-1.0.2p-3.109.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64"
},
"product_reference": "openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_0_0-doc-1.0.2p-3.109.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
},
"product_reference": "openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-28388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-28388"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: When a delta CRL that contains a Delta CRL Indicator extension\nis processed a NULL pointer dereference might happen if the required CRL\nNumber extension is missing.\n\nImpact summary: A NULL pointer dereference can trigger a crash which\nleads to a Denial of Service for an application.\n\nWhen CRL processing and delta CRL processing is enabled during X.509\ncertificate verification, the delta CRL processing does not check\nwhether the CRL Number extension is NULL before dereferencing it.\nWhen a malformed delta CRL file is being processed, this parameter\ncan be NULL, causing a NULL pointer dereference.\n\nExploiting this issue requires the X509_V_FLAG_USE_DELTAS flag to be enabled in\nthe verification context, the certificate being verified to contain a\nfreshestCRL extension or the base CRL to have the EXFLAG_FRESHEST flag set, and\nan attacker to provide a malformed CRL to an application that processes it.\n\nThe vulnerability is limited to Denial of Service and cannot be escalated to\nachieve code execution or memory disclosure. For that reason the issue was\nassessed as Low severity according to our Security Policy.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-28388",
"url": "https://www.suse.com/security/cve/CVE-2026-28388"
},
{
"category": "external",
"summary": "SUSE Bug 1260442 for CVE-2026-28388",
"url": "https://bugzilla.suse.com/1260442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T14:34:21Z",
"details": "important"
}
],
"title": "CVE-2026-28388"
},
{
"cve": "CVE-2026-28389",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-28389"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: During processing of a crafted CMS EnvelopedData message\nwith KeyAgreeRecipientInfo a NULL pointer dereference can happen.\n\nImpact summary: Applications that process attacker-controlled CMS data may\ncrash before authentication or cryptographic operations occur resulting in\nDenial of Service.\n\nWhen a CMS EnvelopedData message that uses KeyAgreeRecipientInfo is\nprocessed, the optional parameters field of KeyEncryptionAlgorithmIdentifier\nis examined without checking for its presence. This results in a NULL\npointer dereference if the field is missing.\n\nApplications and services that call CMS_decrypt() on untrusted input\n(e.g., S/MIME processing or CMS-based protocols) are vulnerable.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-28389",
"url": "https://www.suse.com/security/cve/CVE-2026-28389"
},
{
"category": "external",
"summary": "SUSE Bug 1260443 for CVE-2026-28389",
"url": "https://bugzilla.suse.com/1260443"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T14:34:21Z",
"details": "moderate"
}
],
"title": "CVE-2026-28389"
},
{
"cve": "CVE-2026-34180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34180"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive\nelement whose content exceeds 2 gigabytes in length may cause a heap buffer\nover-read on 64-bit Unix and Unix-like platforms.\n\nImpact summary: The heap buffer over-read may crash the application (Denial of\nService) or to load into the decoded ASN.1 object contents of memory beyond the\nend of the input buffer. More typically such ASN.1 elements would instead be\ntruncated.\n\nAn integer truncation in OpenSSL\u0027s ASN.1 decoder causes the content length of\nan ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the\nworst case the truncated length is treated as a request to scan the binary\ncontent for a terminating zero byte, possibly causing OpenSSL to read either\nless than or beyond the end of the allocated buffer.\n\nApplications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or\nany other d2i_* decoding function are affected. OpenSSL\u0027s own command-line\ntools are not vulnerable, as data read through the BIO layer is checked before\nit reaches the affected code. The issue only affects 64-bit Unix and Unix-like\nplatforms; 32-bit platforms and 64-bit Windows are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue,\nas the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34180",
"url": "https://www.suse.com/security/cve/CVE-2026-34180"
},
{
"category": "external",
"summary": "SUSE Bug 1266342 for CVE-2026-34180",
"url": "https://bugzilla.suse.com/1266342"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T14:34:21Z",
"details": "moderate"
}
],
"title": "CVE-2026-34180"
},
{
"cve": "CVE-2026-42766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42766"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A specially crafted password-encrypted CMS message\ncan trigger a NULL pointer dereference during CMS decryption.\n\nImpact summary: This NULL pointer dereference leads to an application crash\nand a Denial of Service.\n\nThe CMS PasswordRecipientInfo.keyDerivationAlgorithm field is defined as\nOPTIONAL in the ASN.1 specification and may therefore be absent in specially\ncrafted inputs. During the password-based CMS decryption the OpenSSL\nCMS implementation dereferences this field without first checking whether it\nwas present.\n\nAn attacker who supplies such a CMS message to an application performing\npassword-based CMS decryption can trigger an application crash, leading to\na Denial of Service.\n\nApplications that process password-encrypted CMS messages may be affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42766",
"url": "https://www.suse.com/security/cve/CVE-2026-42766"
},
{
"category": "external",
"summary": "SUSE Bug 1266349 for CVE-2026-42766",
"url": "https://bugzilla.suse.com/1266349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T14:34:21Z",
"details": "moderate"
}
],
"title": "CVE-2026-42766"
},
{
"cve": "CVE-2026-45447",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45447"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could\ntrigger a use-after-free during PKCS#7 signature verification.\n\nImpact summary: A use-after-free may result in process crashes, heap\ncorruption, or potentially remote code execution.\n\nWhen processing a PKCS#7 or S/MIME signed message, if the SignedData\ndigestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may\nincorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent\nuse of the BIO by the calling application results in a use-after-free\ncondition.\n\nIn the common case this occurs when the application later calls\nBIO_free() on the BIO originally passed to PKCS7_verify(). Depending\non allocator behavior and application-specific BIO usage patterns, this\nmay result in a crash or other memory corruption. In some application\ncontexts this may potentially be exploitable for remote code execution.\n\nApplications that process PKCS#7 or S/MIME signed messages using OpenSSL\nPKCS#7 APIs may be affected. Applications using the CMS APIs for this\nprocessing are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45447",
"url": "https://www.suse.com/security/cve/CVE-2026-45447"
},
{
"category": "external",
"summary": "SUSE Bug 1266357 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1266357"
},
{
"category": "external",
"summary": "SUSE Bug 1266389 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1266389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T14:34:21Z",
"details": "important"
}
],
"title": "CVE-2026-45447"
},
{
"cve": "CVE-2026-7383",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-7383"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A signed integer overflow when sizing the destination\nbuffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap\nbuffer overflow.\n\nImpact summary: A heap buffer overflow may lead to a crash or possibly\nattacker controlled code execution or other undefined behaviour.\n\nIn ASN1_mbstring_copy() and ASN1_mbstring_ncopy() the destination\nsize for Unicode output is computed in a signed int: by left shift\nof the input character count for BMPSTRING (UTF-16) and\nUNIVERSALSTRING (UTF-32), and by summing per-character byte counts\nfor UTF8STRING. The calculation overflows when the input reaches\naround 2^30 characters. In the worst case (UNIVERSALSTRING at 2^30\ncharacters) the size wraps to zero, OPENSSL_malloc(1) is called, and\nthe subsequent character copy writes several gigabytes past the\none-byte allocation.\n\nX.509 certificate processing routes through ASN1_STRING_set_by_NID(),\nwhose DIRSTRING_TYPE mask excludes UNIVERSALSTRING and whose per-NID\nsize limits cap the input length; no network protocol or\ncertificate-handling path in OpenSSL exercises the overflow.\nTriggering the bug requires an application that calls\nASN1_mbstring_copy() or ASN1_mbstring_ncopy() directly, or registers\na custom string type via ASN1_STRING_TABLE_add(), with\nattacker-controlled input on the order of half a gigabyte or more.\nFor these reasons this issue was assigned Low severity.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by\nthis issue, as the affected code is outside the OpenSSL FIPS module\nboundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-7383",
"url": "https://www.suse.com/security/cve/CVE-2026-7383"
},
{
"category": "external",
"summary": "SUSE Bug 1266340 for CVE-2026-7383",
"url": "https://bugzilla.suse.com/1266340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T14:34:21Z",
"details": "moderate"
}
],
"title": "CVE-2026-7383"
},
{
"cve": "CVE-2026-9076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-9076"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap)\nprocesses attacker-supplied CMS data, an attacker-chosen stream-mode KEK\ncipher can trigger a heap out-of-bounds read in kek_unwrap_key().\n\nImpact summary: A heap buffer over-read may trigger a crash which leads to\nDenial of Service for an application if the input buffer ends at a memory\npage boundary and the following page is unmapped. There is no information\ndisclosure as the over-read bytes are not revealed to the attacker.\n\nThe key unwrapping function performs a check-byte test as specified in the\nRFC that reads 7 bytes from a heap allocation that is based on the wrapped\nkey length from the message. There is a minimum length check based on the\nblock length of the wrapping cipher. However the cipher is selected from\nan OID carried in the attacker\u0027s PWRI keyEncryptionAlgorithm with no\nrequirement that the cipher be a block cipher. When an attacker selects\na stream-mode cipher the guard will be ineffective and the allocated buffer\ncontaining the unwrapped key can be too small to fit the check-bytes\nspecified in the RFC and a buffer over-read can happen.\n\nApplications calling CMS_decrypt() or CMS_decrypt_set1_password()\n(equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS\ndata are vulnerable to this issue. No password knowledge is required: the\nover-read happens during the unwrap attempt before any authentication\nsucceeds.\n\nThe over-read is limited to a few bytes and is not written to output, so\nthere is no information disclosure. Triggering a crash requires the\nallocation to border unmapped memory, which is unlikely with the normal\nallocator.\n\nThe FIPS modules are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-9076",
"url": "https://www.suse.com/security/cve/CVE-2026-9076"
},
{
"category": "external",
"summary": "SUSE Bug 1266341 for CVE-2026-9076",
"url": "https://bugzilla.suse.com/1266341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_0_0-devel-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_0_0-hmac-32bit-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-1.0.2p-3.109.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_0_0-doc-1.0.2p-3.109.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T14:34:21Z",
"details": "moderate"
}
],
"title": "CVE-2026-9076"
}
]
}
SUSE-SU-2026:2397-1
Vulnerability from csaf_suse - Published: 2026-06-15 14:34 - Updated: 2026-06-15 14:34Summary
Security update for openssl-3
Severity
Important
Notes
Title of the patch: Security update for openssl-3
Description of the patch: This update for openssl-3 fixes the following issues
- CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion (bsc#1266340).
- CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption (bsc#1266341).
- CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing (bsc#1266342).
- CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption (bsc#1266349).
- CVE-2026-42770: FFC-DH Peer Validation Uses Attacker-Supplied q (bsc#1266353).
- CVE-2026-45445: AES-OCB IV Ignored on EVP_Cipher() Path (bsc#1266355).
- CVE-2026-45446: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (bsc#1266356).
- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).
Patchnames: SUSE-2026-2397,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2397,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2397,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2397,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2397
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5 (Medium)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
37 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-3",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-3 fixes the following issues\n\n- CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion (bsc#1266340).\n- CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption (bsc#1266341).\n- CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing (bsc#1266342).\n- CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption (bsc#1266349).\n- CVE-2026-42770: FFC-DH Peer Validation Uses Attacker-Supplied q (bsc#1266353).\n- CVE-2026-45445: AES-OCB IV Ignored on EVP_Cipher() Path (bsc#1266355).\n- CVE-2026-45446: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (bsc#1266356).\n- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-2397,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2397,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2397,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2397,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2397",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_2397-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:2397-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262397-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:2397-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047327.html"
},
{
"category": "self",
"summary": "SUSE Bug 1266340",
"url": "https://bugzilla.suse.com/1266340"
},
{
"category": "self",
"summary": "SUSE Bug 1266341",
"url": "https://bugzilla.suse.com/1266341"
},
{
"category": "self",
"summary": "SUSE Bug 1266342",
"url": "https://bugzilla.suse.com/1266342"
},
{
"category": "self",
"summary": "SUSE Bug 1266349",
"url": "https://bugzilla.suse.com/1266349"
},
{
"category": "self",
"summary": "SUSE Bug 1266353",
"url": "https://bugzilla.suse.com/1266353"
},
{
"category": "self",
"summary": "SUSE Bug 1266355",
"url": "https://bugzilla.suse.com/1266355"
},
{
"category": "self",
"summary": "SUSE Bug 1266356",
"url": "https://bugzilla.suse.com/1266356"
},
{
"category": "self",
"summary": "SUSE Bug 1266357",
"url": "https://bugzilla.suse.com/1266357"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34180 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42766 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42770 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45445 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45446 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45447 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45447/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-7383 page",
"url": "https://www.suse.com/security/cve/CVE-2026-7383/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-9076 page",
"url": "https://www.suse.com/security/cve/CVE-2026-9076/"
}
],
"title": "Security update for openssl-3",
"tracking": {
"current_release_date": "2026-06-15T14:34:41Z",
"generator": {
"date": "2026-06-15T14:34:41Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:2397-1",
"initial_release_date": "2026-06-15T14:34:41Z",
"revision_history": [
{
"date": "2026-06-15T14:34:41Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"product": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"product_id": "libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150500.5.66.1.aarch64",
"product": {
"name": "libopenssl3-3.0.8-150500.5.66.1.aarch64",
"product_id": "libopenssl3-3.0.8-150500.5.66.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150500.5.66.1.aarch64",
"product": {
"name": "openssl-3-3.0.8-150500.5.66.1.aarch64",
"product_id": "openssl-3-3.0.8-150500.5.66.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-64bit-3.0.8-150500.5.66.1.aarch64_ilp32",
"product": {
"name": "libopenssl-3-devel-64bit-3.0.8-150500.5.66.1.aarch64_ilp32",
"product_id": "libopenssl-3-devel-64bit-3.0.8-150500.5.66.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl3-64bit-3.0.8-150500.5.66.1.aarch64_ilp32",
"product": {
"name": "libopenssl3-64bit-3.0.8-150500.5.66.1.aarch64_ilp32",
"product_id": "libopenssl3-64bit-3.0.8-150500.5.66.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.i586",
"product": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.i586",
"product_id": "libopenssl-3-devel-3.0.8-150500.5.66.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150500.5.66.1.i586",
"product": {
"name": "libopenssl3-3.0.8-150500.5.66.1.i586",
"product_id": "libopenssl3-3.0.8-150500.5.66.1.i586"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150500.5.66.1.i586",
"product": {
"name": "openssl-3-3.0.8-150500.5.66.1.i586",
"product_id": "openssl-3-3.0.8-150500.5.66.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-3-doc-3.0.8-150500.5.66.1.noarch",
"product": {
"name": "openssl-3-doc-3.0.8-150500.5.66.1.noarch",
"product_id": "openssl-3-doc-3.0.8-150500.5.66.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"product": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"product_id": "libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"product": {
"name": "libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"product_id": "libopenssl3-3.0.8-150500.5.66.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150500.5.66.1.ppc64le",
"product": {
"name": "openssl-3-3.0.8-150500.5.66.1.ppc64le",
"product_id": "openssl-3-3.0.8-150500.5.66.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"product": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"product_id": "libopenssl-3-devel-3.0.8-150500.5.66.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150500.5.66.1.s390x",
"product": {
"name": "libopenssl3-3.0.8-150500.5.66.1.s390x",
"product_id": "libopenssl3-3.0.8-150500.5.66.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150500.5.66.1.s390x",
"product": {
"name": "openssl-3-3.0.8-150500.5.66.1.s390x",
"product_id": "openssl-3-3.0.8-150500.5.66.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"product": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"product_id": "libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-3-devel-32bit-3.0.8-150500.5.66.1.x86_64",
"product": {
"name": "libopenssl-3-devel-32bit-3.0.8-150500.5.66.1.x86_64",
"product_id": "libopenssl-3-devel-32bit-3.0.8-150500.5.66.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-3.0.8-150500.5.66.1.x86_64",
"product": {
"name": "libopenssl3-3.0.8-150500.5.66.1.x86_64",
"product_id": "libopenssl3-3.0.8-150500.5.66.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl3-32bit-3.0.8-150500.5.66.1.x86_64",
"product": {
"name": "libopenssl3-32bit-3.0.8-150500.5.66.1.x86_64",
"product_id": "libopenssl3-32bit-3.0.8-150500.5.66.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-3-3.0.8-150500.5.66.1.x86_64",
"product": {
"name": "openssl-3-3.0.8-150500.5.66.1.x86_64",
"product_id": "openssl-3-3.0.8-150500.5.66.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5",
"product_id": "SUSE Linux Enterprise Server 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.66.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.66.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.66.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64"
},
"product_reference": "openssl-3-3.0.8-150500.5.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.66.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150500.5.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.66.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.66.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.66.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64"
},
"product_reference": "openssl-3-3.0.8-150500.5.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.66.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150500.5.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.66.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.66.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.66.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64"
},
"product_reference": "openssl-3-3.0.8-150500.5.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.66.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150500.5.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.66.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.66.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le"
},
"product_reference": "libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.66.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x"
},
"product_reference": "libopenssl3-3.0.8-150500.5.66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.66.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.66.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64"
},
"product_reference": "openssl-3-3.0.8-150500.5.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.66.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le"
},
"product_reference": "openssl-3-3.0.8-150500.5.66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.66.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x"
},
"product_reference": "openssl-3-3.0.8-150500.5.66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.66.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150500.5.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.66.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.66.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le"
},
"product_reference": "libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.66.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x"
},
"product_reference": "libopenssl3-3.0.8-150500.5.66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.66.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.66.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64"
},
"product_reference": "openssl-3-3.0.8-150500.5.66.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.66.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le"
},
"product_reference": "openssl-3-3.0.8-150500.5.66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.66.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x"
},
"product_reference": "openssl-3-3.0.8-150500.5.66.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.66.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150500.5.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64"
},
"product_reference": "libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.66.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le"
},
"product_reference": "libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl3-3.0.8-150500.5.66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64"
},
"product_reference": "libopenssl3-3.0.8-150500.5.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.66.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le"
},
"product_reference": "openssl-3-3.0.8-150500.5.66.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-3-3.0.8-150500.5.66.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
},
"product_reference": "openssl-3-3.0.8-150500.5.66.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-34180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34180"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive\nelement whose content exceeds 2 gigabytes in length may cause a heap buffer\nover-read on 64-bit Unix and Unix-like platforms.\n\nImpact summary: The heap buffer over-read may crash the application (Denial of\nService) or to load into the decoded ASN.1 object contents of memory beyond the\nend of the input buffer. More typically such ASN.1 elements would instead be\ntruncated.\n\nAn integer truncation in OpenSSL\u0027s ASN.1 decoder causes the content length of\nan ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the\nworst case the truncated length is treated as a request to scan the binary\ncontent for a terminating zero byte, possibly causing OpenSSL to read either\nless than or beyond the end of the allocated buffer.\n\nApplications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or\nany other d2i_* decoding function are affected. OpenSSL\u0027s own command-line\ntools are not vulnerable, as data read through the BIO layer is checked before\nit reaches the affected code. The issue only affects 64-bit Unix and Unix-like\nplatforms; 32-bit platforms and 64-bit Windows are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue,\nas the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34180",
"url": "https://www.suse.com/security/cve/CVE-2026-34180"
},
{
"category": "external",
"summary": "SUSE Bug 1266342 for CVE-2026-34180",
"url": "https://bugzilla.suse.com/1266342"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T14:34:41Z",
"details": "moderate"
}
],
"title": "CVE-2026-34180"
},
{
"cve": "CVE-2026-42766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42766"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A specially crafted password-encrypted CMS message\ncan trigger a NULL pointer dereference during CMS decryption.\n\nImpact summary: This NULL pointer dereference leads to an application crash\nand a Denial of Service.\n\nThe CMS PasswordRecipientInfo.keyDerivationAlgorithm field is defined as\nOPTIONAL in the ASN.1 specification and may therefore be absent in specially\ncrafted inputs. During the password-based CMS decryption the OpenSSL\nCMS implementation dereferences this field without first checking whether it\nwas present.\n\nAn attacker who supplies such a CMS message to an application performing\npassword-based CMS decryption can trigger an application crash, leading to\na Denial of Service.\n\nApplications that process password-encrypted CMS messages may be affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42766",
"url": "https://www.suse.com/security/cve/CVE-2026-42766"
},
{
"category": "external",
"summary": "SUSE Bug 1266349 for CVE-2026-42766",
"url": "https://bugzilla.suse.com/1266349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T14:34:41Z",
"details": "moderate"
}
],
"title": "CVE-2026-42766"
},
{
"cve": "CVE-2026-42770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42770"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42)\npeer key, the peer key is not properly checked for the subgroup membership.\n\nImpact summary: A malicious peer which presents an X9.42 key carrying the\nvictim\u0027s p and g parameters, a forged q = r (a small prime factor of the\ncofactor (p\u22121)/q_local), and a public value Y of order r can recover the\nvictim\u0027s private key after a small number of key exchange attempts.\n\nWhen EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the\nsubgroup membership check Y^q \u2261 1 (mod p) is performed using the peer\u0027s\nown q parameter, not the local key\u0027s q. The peer\u0027s domain parameters are\nthen matched against the domain parameters of the private key, but the value\nof q is not compared.\n\nA malicious peer who presents an X9.42 key carrying the victim\u0027s p, g,\na forged q = r (a small prime factor of the cofactor), and a public\nvalue Y of order r passes all checks. The shared secret then takes only\nr distinct values, leaking priv mod r. Repeating for each small-prime\nfactor of the cofactor and combining via CRT recovers the full private\nkey (Lim-Lee / small-subgroup-confinement attack).\n\nThe realistic attack surface is narrow: principally CMP deployments with\nlong-lived RA/CA DHX keys and bespoke enterprise or government applications\nusing X9.42 DHX static keys with interactive protocols and therefore this\nissue was assigned Low severity.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are affected by this\nissue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42770",
"url": "https://www.suse.com/security/cve/CVE-2026-42770"
},
{
"category": "external",
"summary": "SUSE Bug 1266353 for CVE-2026-42770",
"url": "https://bugzilla.suse.com/1266353"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T14:34:41Z",
"details": "moderate"
}
],
"title": "CVE-2026-42770"
},
{
"cve": "CVE-2026-45445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45445"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: When an application drives an AES-OCB context through the\npublic EVP_Cipher() one-shot interface, the application-supplied\ninitialisation vector (IV) is silently discarded.\n\nImpact summary: Every message encrypted under the same key uses the\nsame effective nonce regardless of the IV supplied by the caller,\nresulting in (key, nonce) reuse and loss of confidentiality. If the\nsame code path is used to compute the authentication tag, the tag\ndepends only on the (key, IV) pair and not on the plaintext or\nciphertext, allowing universal forgery of arbitrary ciphertext from a\nsingle captured message.\n\nOpenSSL provides two ways to drive a cipher: the documented streaming\ninterface (EVP_CipherUpdate / EVP_CipherFinal_ex) and a lower-level\none-shot, EVP_Cipher(), whose documentation explicitly recommends\nagainst use by applications in favour of EVP_CipherUpdate() and\nEVP_CipherFinal_ex(). The OCB provider\u0027s streaming handler flushes\nthe application-supplied IV into the OCB context before processing\ndata; the one-shot handler did not. Every call to EVP_Cipher() on an\nAES-OCB context therefore ran with the all-zero key-derived offset\nstate left by cipher initialisation, regardless of the caller\u0027s IV.\n\nIf EVP_EncryptFinal_ex() is subsequently used to obtain the\nauthentication tag, the deferred IV setup runs at that point and\nclears the running checksum that should have been accumulated over the\nplaintext. The resulting tag is a function of (key, IV) only and\nverifies against any ciphertext produced under the same (key, IV)\npair.\n\nThe OpenSSL SSL/TLS implementation is not affected: AES-OCB is not a\nTLS cipher suite, and libssl does not call EVP_Cipher() in any case.\nApplications that drive AES-OCB through the documented streaming AEAD\nAPI (EVP_CipherUpdate / EVP_CipherFinal_ex) are not affected. Only\napplications that combine the AES-OCB cipher with the EVP_Cipher()\none-shot API are vulnerable.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by\nthis issue, as AES-OCB is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45445",
"url": "https://www.suse.com/security/cve/CVE-2026-45445"
},
{
"category": "external",
"summary": "SUSE Bug 1266355 for CVE-2026-45445",
"url": "https://bugzilla.suse.com/1266355"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T14:34:41Z",
"details": "moderate"
}
],
"title": "CVE-2026-45445"
},
{
"cve": "CVE-2026-45446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45446"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV\n(RFC 8452) mishandle the authentication of AAD (Additional Authenticated\nData) with an empty ciphertext allowing a forgery of such messages.\n\nImpact summary: An attacker can forge empty messages with arbitrary AAD\nto the victim\u0027s application using these ciphers.\n\nAES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) are nonce-misuse-resistant AEAD\nmodes: they accept a key, nonce, optional AAD (bytes that are authenticated\nbut not encrypted), and plaintext, and produces ciphertext plus a 16-byte\ntag. On decrypt, `EVP_DecryptFinal_ex()` is documented to return success only\nif the tag is verified succesfully.\n\nIn OpenSSL\u0027s provider implementation of these ciphers, the expected tag is\ncomputed only when decryption function is invoked with non-empty data.\nIf the caller supplies AAD and then calls `EVP_DecryptFinal_ex()` without\ninvocation of the ciphertext update, which can happen when the received\nciphertext length is zero, the tag is never recalculated and still holds its\nall-zeros value.\n\nWhen AES-GCM-SIV is used, an attacker who sends arbitrary AAD, empty\nciphertext, and all-zeros tag passes authentication under any key they do not\nknow, single-shot. When AES-SIV is used, for mounting the attack it\u0027s\nnecessary for the application to reuse the decryption context without\nresetting the key.\n\nAES-SIV is implemented since OpenSSL 3.0. AES-GCM-SIV is implemented since\nOpenSSL 3.2.\n\nNo protocols implemented in OpenSSL itself (TLS/CMS/PKCS7/HPKE/QUIC) support\neither AES-GCM-SIV or AES-SIV. To mount an attack, the applications must\nimplement their own protocol and use the EVP interface. Also they must skip the\nciphertext update when a message with an empty ciphertext arrives.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as these algorithms are not FIPS approved and the affected code is\noutside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45446",
"url": "https://www.suse.com/security/cve/CVE-2026-45446"
},
{
"category": "external",
"summary": "SUSE Bug 1266356 for CVE-2026-45446",
"url": "https://bugzilla.suse.com/1266356"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T14:34:41Z",
"details": "moderate"
}
],
"title": "CVE-2026-45446"
},
{
"cve": "CVE-2026-45447",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45447"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could\ntrigger a use-after-free during PKCS#7 signature verification.\n\nImpact summary: A use-after-free may result in process crashes, heap\ncorruption, or potentially remote code execution.\n\nWhen processing a PKCS#7 or S/MIME signed message, if the SignedData\ndigestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may\nincorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent\nuse of the BIO by the calling application results in a use-after-free\ncondition.\n\nIn the common case this occurs when the application later calls\nBIO_free() on the BIO originally passed to PKCS7_verify(). Depending\non allocator behavior and application-specific BIO usage patterns, this\nmay result in a crash or other memory corruption. In some application\ncontexts this may potentially be exploitable for remote code execution.\n\nApplications that process PKCS#7 or S/MIME signed messages using OpenSSL\nPKCS#7 APIs may be affected. Applications using the CMS APIs for this\nprocessing are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45447",
"url": "https://www.suse.com/security/cve/CVE-2026-45447"
},
{
"category": "external",
"summary": "SUSE Bug 1266357 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1266357"
},
{
"category": "external",
"summary": "SUSE Bug 1266389 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1266389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T14:34:41Z",
"details": "important"
}
],
"title": "CVE-2026-45447"
},
{
"cve": "CVE-2026-7383",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-7383"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A signed integer overflow when sizing the destination\nbuffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap\nbuffer overflow.\n\nImpact summary: A heap buffer overflow may lead to a crash or possibly\nattacker controlled code execution or other undefined behaviour.\n\nIn ASN1_mbstring_copy() and ASN1_mbstring_ncopy() the destination\nsize for Unicode output is computed in a signed int: by left shift\nof the input character count for BMPSTRING (UTF-16) and\nUNIVERSALSTRING (UTF-32), and by summing per-character byte counts\nfor UTF8STRING. The calculation overflows when the input reaches\naround 2^30 characters. In the worst case (UNIVERSALSTRING at 2^30\ncharacters) the size wraps to zero, OPENSSL_malloc(1) is called, and\nthe subsequent character copy writes several gigabytes past the\none-byte allocation.\n\nX.509 certificate processing routes through ASN1_STRING_set_by_NID(),\nwhose DIRSTRING_TYPE mask excludes UNIVERSALSTRING and whose per-NID\nsize limits cap the input length; no network protocol or\ncertificate-handling path in OpenSSL exercises the overflow.\nTriggering the bug requires an application that calls\nASN1_mbstring_copy() or ASN1_mbstring_ncopy() directly, or registers\na custom string type via ASN1_STRING_TABLE_add(), with\nattacker-controlled input on the order of half a gigabyte or more.\nFor these reasons this issue was assigned Low severity.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by\nthis issue, as the affected code is outside the OpenSSL FIPS module\nboundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-7383",
"url": "https://www.suse.com/security/cve/CVE-2026-7383"
},
{
"category": "external",
"summary": "SUSE Bug 1266340 for CVE-2026-7383",
"url": "https://bugzilla.suse.com/1266340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T14:34:41Z",
"details": "moderate"
}
],
"title": "CVE-2026-7383"
},
{
"cve": "CVE-2026-9076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-9076"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap)\nprocesses attacker-supplied CMS data, an attacker-chosen stream-mode KEK\ncipher can trigger a heap out-of-bounds read in kek_unwrap_key().\n\nImpact summary: A heap buffer over-read may trigger a crash which leads to\nDenial of Service for an application if the input buffer ends at a memory\npage boundary and the following page is unmapped. There is no information\ndisclosure as the over-read bytes are not revealed to the attacker.\n\nThe key unwrapping function performs a check-byte test as specified in the\nRFC that reads 7 bytes from a heap allocation that is based on the wrapped\nkey length from the message. There is a minimum length check based on the\nblock length of the wrapping cipher. However the cipher is selected from\nan OID carried in the attacker\u0027s PWRI keyEncryptionAlgorithm with no\nrequirement that the cipher be a block cipher. When an attacker selects\na stream-mode cipher the guard will be ineffective and the allocated buffer\ncontaining the unwrapped key can be too small to fit the check-bytes\nspecified in the RFC and a buffer over-read can happen.\n\nApplications calling CMS_decrypt() or CMS_decrypt_set1_password()\n(equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS\ndata are vulnerable to this issue. No password knowledge is required: the\nover-read happens during the unwrap attempt before any authentication\nsucceeds.\n\nThe over-read is limited to a few bytes and is not written to output, so\nthere is no information disclosure. Triggering a crash requires the\nallocation to border unmapped memory, which is unlikely with the normal\nallocator.\n\nThe FIPS modules are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-9076",
"url": "https://www.suse.com/security/cve/CVE-2026-9076"
},
{
"category": "external",
"summary": "SUSE Bug 1266341 for CVE-2026-9076",
"url": "https://bugzilla.suse.com/1266341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-3-devel-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl3-3.0.8-150500.5.66.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-3-3.0.8-150500.5.66.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T14:34:41Z",
"details": "moderate"
}
],
"title": "CVE-2026-9076"
}
]
}
SUSE-SU-2026:2403-1
Vulnerability from csaf_suse - Published: 2026-06-16 06:53 - Updated: 2026-06-16 06:53Summary
Security update for openssl-1_1
Severity
Important
Notes
Title of the patch: Security update for openssl-1_1
Description of the patch: This update for openssl-1_1 fixes the following issues:
- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).
- CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption (bsc#1266349).
- CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption (bsc#1266341).
- CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion (bsc#1266340).
- CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing (bsc#1266342).
Patchnames: SUSE-2026-2403,SUSE-SLE-SERVER-12-SP5-LTSS-2026-2403,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2403
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
51 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
51 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
51 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
51 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
51 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
25 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-1_1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-1_1 fixes the following issues:\n\n- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).\n- CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption (bsc#1266349).\n- CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption (bsc#1266341).\n- CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion (bsc#1266340).\n- CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing (bsc#1266342).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-2403,SUSE-SLE-SERVER-12-SP5-LTSS-2026-2403,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2403",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_2403-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:2403-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262403-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:2403-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047341.html"
},
{
"category": "self",
"summary": "SUSE Bug 1266340",
"url": "https://bugzilla.suse.com/1266340"
},
{
"category": "self",
"summary": "SUSE Bug 1266341",
"url": "https://bugzilla.suse.com/1266341"
},
{
"category": "self",
"summary": "SUSE Bug 1266342",
"url": "https://bugzilla.suse.com/1266342"
},
{
"category": "self",
"summary": "SUSE Bug 1266349",
"url": "https://bugzilla.suse.com/1266349"
},
{
"category": "self",
"summary": "SUSE Bug 1266357",
"url": "https://bugzilla.suse.com/1266357"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34180 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42766 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45447 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45447/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-7383 page",
"url": "https://www.suse.com/security/cve/CVE-2026-7383/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-9076 page",
"url": "https://www.suse.com/security/cve/CVE-2026-9076/"
}
],
"title": "Security update for openssl-1_1",
"tracking": {
"current_release_date": "2026-06-16T06:53:38Z",
"generator": {
"date": "2026-06-16T06:53:38Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:2403-1",
"initial_release_date": "2026-06-16T06:53:38Z",
"revision_history": [
{
"date": "2026-06-16T06:53:38Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"product": {
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"product_id": "libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-1.1.1d-2.131.1.aarch64",
"product": {
"name": "libopenssl1_1-1.1.1d-2.131.1.aarch64",
"product_id": "libopenssl1_1-1.1.1d-2.131.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"product": {
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"product_id": "libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-1_1-1.1.1d-2.131.1.aarch64",
"product": {
"name": "openssl-1_1-1.1.1d-2.131.1.aarch64",
"product_id": "openssl-1_1-1.1.1d-2.131.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-64bit-1.1.1d-2.131.1.aarch64_ilp32",
"product": {
"name": "libopenssl-1_1-devel-64bit-1.1.1d-2.131.1.aarch64_ilp32",
"product_id": "libopenssl-1_1-devel-64bit-1.1.1d-2.131.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-64bit-1.1.1d-2.131.1.aarch64_ilp32",
"product": {
"name": "libopenssl1_1-64bit-1.1.1d-2.131.1.aarch64_ilp32",
"product_id": "libopenssl1_1-64bit-1.1.1d-2.131.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-64bit-1.1.1d-2.131.1.aarch64_ilp32",
"product": {
"name": "libopenssl1_1-hmac-64bit-1.1.1d-2.131.1.aarch64_ilp32",
"product_id": "libopenssl1_1-hmac-64bit-1.1.1d-2.131.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.i586",
"product": {
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.i586",
"product_id": "libopenssl-1_1-devel-1.1.1d-2.131.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-1.1.1d-2.131.1.i586",
"product": {
"name": "libopenssl1_1-1.1.1d-2.131.1.i586",
"product_id": "libopenssl1_1-1.1.1d-2.131.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.i586",
"product": {
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.i586",
"product_id": "libopenssl1_1-hmac-1.1.1d-2.131.1.i586"
}
},
{
"category": "product_version",
"name": "openssl-1_1-1.1.1d-2.131.1.i586",
"product": {
"name": "openssl-1_1-1.1.1d-2.131.1.i586",
"product_id": "openssl-1_1-1.1.1d-2.131.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-1_1-doc-1.1.1d-2.131.1.noarch",
"product": {
"name": "openssl-1_1-doc-1.1.1d-2.131.1.noarch",
"product_id": "openssl-1_1-doc-1.1.1d-2.131.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"product": {
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"product_id": "libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"product": {
"name": "libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"product_id": "libopenssl1_1-1.1.1d-2.131.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"product": {
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"product_id": "libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-1_1-1.1.1d-2.131.1.ppc64le",
"product": {
"name": "openssl-1_1-1.1.1d-2.131.1.ppc64le",
"product_id": "openssl-1_1-1.1.1d-2.131.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.s390",
"product": {
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.s390",
"product_id": "libopenssl-1_1-devel-1.1.1d-2.131.1.s390"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-1.1.1d-2.131.1.s390",
"product": {
"name": "libopenssl1_1-1.1.1d-2.131.1.s390",
"product_id": "libopenssl1_1-1.1.1d-2.131.1.s390"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.s390",
"product": {
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.s390",
"product_id": "libopenssl1_1-hmac-1.1.1d-2.131.1.s390"
}
},
{
"category": "product_version",
"name": "openssl-1_1-1.1.1d-2.131.1.s390",
"product": {
"name": "openssl-1_1-1.1.1d-2.131.1.s390",
"product_id": "openssl-1_1-1.1.1d-2.131.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"product": {
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"product_id": "libopenssl-1_1-devel-1.1.1d-2.131.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"product": {
"name": "libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"product_id": "libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-1.1.1d-2.131.1.s390x",
"product": {
"name": "libopenssl1_1-1.1.1d-2.131.1.s390x",
"product_id": "libopenssl1_1-1.1.1d-2.131.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"product": {
"name": "libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"product_id": "libopenssl1_1-32bit-1.1.1d-2.131.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"product": {
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"product_id": "libopenssl1_1-hmac-1.1.1d-2.131.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"product": {
"name": "libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"product_id": "libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-1_1-1.1.1d-2.131.1.s390x",
"product": {
"name": "openssl-1_1-1.1.1d-2.131.1.s390x",
"product_id": "openssl-1_1-1.1.1d-2.131.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"product": {
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"product_id": "libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"product": {
"name": "libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"product_id": "libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-1.1.1d-2.131.1.x86_64",
"product": {
"name": "libopenssl1_1-1.1.1d-2.131.1.x86_64",
"product_id": "libopenssl1_1-1.1.1d-2.131.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"product": {
"name": "libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"product_id": "libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"product": {
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"product_id": "libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"product": {
"name": "libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"product_id": "libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-1_1-1.1.1d-2.131.1.x86_64",
"product": {
"name": "openssl-1_1-1.1.1d-2.131.1.x86_64",
"product_id": "openssl-1_1-1.1.1d-2.131.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le"
},
"product_reference": "libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x"
},
"product_reference": "libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x"
},
"product_reference": "libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64"
},
"product_reference": "libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1d-2.131.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64"
},
"product_reference": "libopenssl1_1-1.1.1d-2.131.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1d-2.131.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le"
},
"product_reference": "libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1d-2.131.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x"
},
"product_reference": "libopenssl1_1-1.1.1d-2.131.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64"
},
"product_reference": "libopenssl1_1-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-32bit-1.1.1d-2.131.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x"
},
"product_reference": "libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64"
},
"product_reference": "libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64"
},
"product_reference": "libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le"
},
"product_reference": "libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x"
},
"product_reference": "libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64"
},
"product_reference": "libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x"
},
"product_reference": "libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64"
},
"product_reference": "libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1d-2.131.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64"
},
"product_reference": "openssl-1_1-1.1.1d-2.131.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1d-2.131.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le"
},
"product_reference": "openssl-1_1-1.1.1d-2.131.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1d-2.131.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x"
},
"product_reference": "openssl-1_1-1.1.1d-2.131.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64"
},
"product_reference": "openssl-1_1-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le"
},
"product_reference": "libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x"
},
"product_reference": "libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x"
},
"product_reference": "libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64"
},
"product_reference": "libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1d-2.131.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64"
},
"product_reference": "libopenssl1_1-1.1.1d-2.131.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1d-2.131.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le"
},
"product_reference": "libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1d-2.131.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x"
},
"product_reference": "libopenssl1_1-1.1.1d-2.131.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64"
},
"product_reference": "libopenssl1_1-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-32bit-1.1.1d-2.131.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x"
},
"product_reference": "libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64"
},
"product_reference": "libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64"
},
"product_reference": "libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le"
},
"product_reference": "libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x"
},
"product_reference": "libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64"
},
"product_reference": "libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x"
},
"product_reference": "libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64"
},
"product_reference": "libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1d-2.131.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64"
},
"product_reference": "openssl-1_1-1.1.1d-2.131.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1d-2.131.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le"
},
"product_reference": "openssl-1_1-1.1.1d-2.131.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1d-2.131.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x"
},
"product_reference": "openssl-1_1-1.1.1d-2.131.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64"
},
"product_reference": "openssl-1_1-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64"
},
"product_reference": "libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64"
},
"product_reference": "libopenssl1_1-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64"
},
"product_reference": "libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64"
},
"product_reference": "libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64"
},
"product_reference": "libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1d-2.131.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64"
},
"product_reference": "openssl-1_1-1.1.1d-2.131.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-34180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34180"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive\nelement whose content exceeds 2 gigabytes in length may cause a heap buffer\nover-read on 64-bit Unix and Unix-like platforms.\n\nImpact summary: The heap buffer over-read may crash the application (Denial of\nService) or to load into the decoded ASN.1 object contents of memory beyond the\nend of the input buffer. More typically such ASN.1 elements would instead be\ntruncated.\n\nAn integer truncation in OpenSSL\u0027s ASN.1 decoder causes the content length of\nan ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the\nworst case the truncated length is treated as a request to scan the binary\ncontent for a terminating zero byte, possibly causing OpenSSL to read either\nless than or beyond the end of the allocated buffer.\n\nApplications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or\nany other d2i_* decoding function are affected. OpenSSL\u0027s own command-line\ntools are not vulnerable, as data read through the BIO layer is checked before\nit reaches the affected code. The issue only affects 64-bit Unix and Unix-like\nplatforms; 32-bit platforms and 64-bit Windows are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue,\nas the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34180",
"url": "https://www.suse.com/security/cve/CVE-2026-34180"
},
{
"category": "external",
"summary": "SUSE Bug 1266342 for CVE-2026-34180",
"url": "https://bugzilla.suse.com/1266342"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T06:53:38Z",
"details": "moderate"
}
],
"title": "CVE-2026-34180"
},
{
"cve": "CVE-2026-42766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42766"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A specially crafted password-encrypted CMS message\ncan trigger a NULL pointer dereference during CMS decryption.\n\nImpact summary: This NULL pointer dereference leads to an application crash\nand a Denial of Service.\n\nThe CMS PasswordRecipientInfo.keyDerivationAlgorithm field is defined as\nOPTIONAL in the ASN.1 specification and may therefore be absent in specially\ncrafted inputs. During the password-based CMS decryption the OpenSSL\nCMS implementation dereferences this field without first checking whether it\nwas present.\n\nAn attacker who supplies such a CMS message to an application performing\npassword-based CMS decryption can trigger an application crash, leading to\na Denial of Service.\n\nApplications that process password-encrypted CMS messages may be affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42766",
"url": "https://www.suse.com/security/cve/CVE-2026-42766"
},
{
"category": "external",
"summary": "SUSE Bug 1266349 for CVE-2026-42766",
"url": "https://bugzilla.suse.com/1266349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T06:53:38Z",
"details": "moderate"
}
],
"title": "CVE-2026-42766"
},
{
"cve": "CVE-2026-45447",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45447"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could\ntrigger a use-after-free during PKCS#7 signature verification.\n\nImpact summary: A use-after-free may result in process crashes, heap\ncorruption, or potentially remote code execution.\n\nWhen processing a PKCS#7 or S/MIME signed message, if the SignedData\ndigestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may\nincorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent\nuse of the BIO by the calling application results in a use-after-free\ncondition.\n\nIn the common case this occurs when the application later calls\nBIO_free() on the BIO originally passed to PKCS7_verify(). Depending\non allocator behavior and application-specific BIO usage patterns, this\nmay result in a crash or other memory corruption. In some application\ncontexts this may potentially be exploitable for remote code execution.\n\nApplications that process PKCS#7 or S/MIME signed messages using OpenSSL\nPKCS#7 APIs may be affected. Applications using the CMS APIs for this\nprocessing are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45447",
"url": "https://www.suse.com/security/cve/CVE-2026-45447"
},
{
"category": "external",
"summary": "SUSE Bug 1266357 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1266357"
},
{
"category": "external",
"summary": "SUSE Bug 1266389 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1266389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T06:53:38Z",
"details": "important"
}
],
"title": "CVE-2026-45447"
},
{
"cve": "CVE-2026-7383",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-7383"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A signed integer overflow when sizing the destination\nbuffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap\nbuffer overflow.\n\nImpact summary: A heap buffer overflow may lead to a crash or possibly\nattacker controlled code execution or other undefined behaviour.\n\nIn ASN1_mbstring_copy() and ASN1_mbstring_ncopy() the destination\nsize for Unicode output is computed in a signed int: by left shift\nof the input character count for BMPSTRING (UTF-16) and\nUNIVERSALSTRING (UTF-32), and by summing per-character byte counts\nfor UTF8STRING. The calculation overflows when the input reaches\naround 2^30 characters. In the worst case (UNIVERSALSTRING at 2^30\ncharacters) the size wraps to zero, OPENSSL_malloc(1) is called, and\nthe subsequent character copy writes several gigabytes past the\none-byte allocation.\n\nX.509 certificate processing routes through ASN1_STRING_set_by_NID(),\nwhose DIRSTRING_TYPE mask excludes UNIVERSALSTRING and whose per-NID\nsize limits cap the input length; no network protocol or\ncertificate-handling path in OpenSSL exercises the overflow.\nTriggering the bug requires an application that calls\nASN1_mbstring_copy() or ASN1_mbstring_ncopy() directly, or registers\na custom string type via ASN1_STRING_TABLE_add(), with\nattacker-controlled input on the order of half a gigabyte or more.\nFor these reasons this issue was assigned Low severity.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by\nthis issue, as the affected code is outside the OpenSSL FIPS module\nboundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-7383",
"url": "https://www.suse.com/security/cve/CVE-2026-7383"
},
{
"category": "external",
"summary": "SUSE Bug 1266340 for CVE-2026-7383",
"url": "https://bugzilla.suse.com/1266340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T06:53:38Z",
"details": "moderate"
}
],
"title": "CVE-2026-7383"
},
{
"cve": "CVE-2026-9076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-9076"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap)\nprocesses attacker-supplied CMS data, an attacker-chosen stream-mode KEK\ncipher can trigger a heap out-of-bounds read in kek_unwrap_key().\n\nImpact summary: A heap buffer over-read may trigger a crash which leads to\nDenial of Service for an application if the input buffer ends at a memory\npage boundary and the following page is unmapped. There is no information\ndisclosure as the over-read bytes are not revealed to the attacker.\n\nThe key unwrapping function performs a check-byte test as specified in the\nRFC that reads 7 bytes from a heap allocation that is based on the wrapped\nkey length from the message. There is a minimum length check based on the\nblock length of the wrapping cipher. However the cipher is selected from\nan OID carried in the attacker\u0027s PWRI keyEncryptionAlgorithm with no\nrequirement that the cipher be a block cipher. When an attacker selects\na stream-mode cipher the guard will be ineffective and the allocated buffer\ncontaining the unwrapped key can be too small to fit the check-bytes\nspecified in the RFC and a buffer over-read can happen.\n\nApplications calling CMS_decrypt() or CMS_decrypt_set1_password()\n(equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS\ndata are vulnerable to this issue. No password knowledge is required: the\nover-read happens during the unwrap attempt before any authentication\nsucceeds.\n\nThe over-read is limited to a few bytes and is not written to output, so\nthere is no information disclosure. Triggering a crash requires the\nallocation to border unmapped memory, which is unlikely with the normal\nallocator.\n\nThe FIPS modules are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-9076",
"url": "https://www.suse.com/security/cve/CVE-2026-9076"
},
{
"category": "external",
"summary": "SUSE Bug 1266341 for CVE-2026-9076",
"url": "https://bugzilla.suse.com/1266341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl-1_1-devel-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libopenssl1_1-hmac-32bit-1.1.1d-2.131.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:openssl-1_1-1.1.1d-2.131.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T06:53:38Z",
"details": "moderate"
}
],
"title": "CVE-2026-9076"
}
]
}
SUSE-SU-2026:2404-1
Vulnerability from csaf_suse - Published: 2026-06-16 06:53 - Updated: 2026-06-16 06:53Summary
Security update for openssl-1_1
Severity
Important
Notes
Title of the patch: Security update for openssl-1_1
Description of the patch: This update for openssl-1_1 fixes the following issues:
- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).
- CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption (bsc#1266349).
- CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption (bsc#1266341).
- CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion (bsc#1266340).
- CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing (bsc#1266342).
Patchnames: SUSE-2026-2404,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2404,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2404
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
25 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-1_1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-1_1 fixes the following issues:\n\n- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).\n- CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption (bsc#1266349).\n- CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption (bsc#1266341).\n- CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion (bsc#1266340).\n- CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing (bsc#1266342).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-2404,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2404,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2404",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_2404-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:2404-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262404-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:2404-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047340.html"
},
{
"category": "self",
"summary": "SUSE Bug 1266340",
"url": "https://bugzilla.suse.com/1266340"
},
{
"category": "self",
"summary": "SUSE Bug 1266341",
"url": "https://bugzilla.suse.com/1266341"
},
{
"category": "self",
"summary": "SUSE Bug 1266342",
"url": "https://bugzilla.suse.com/1266342"
},
{
"category": "self",
"summary": "SUSE Bug 1266349",
"url": "https://bugzilla.suse.com/1266349"
},
{
"category": "self",
"summary": "SUSE Bug 1266357",
"url": "https://bugzilla.suse.com/1266357"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34180 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42766 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45447 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45447/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-7383 page",
"url": "https://www.suse.com/security/cve/CVE-2026-7383/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-9076 page",
"url": "https://www.suse.com/security/cve/CVE-2026-9076/"
}
],
"title": "Security update for openssl-1_1",
"tracking": {
"current_release_date": "2026-06-16T06:53:51Z",
"generator": {
"date": "2026-06-16T06:53:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:2404-1",
"initial_release_date": "2026-06-16T06:53:51Z",
"revision_history": [
{
"date": "2026-06-16T06:53:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"product": {
"name": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"product_id": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"product": {
"name": "libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"product_id": "libopenssl1_1-1.1.1w-150600.5.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"product": {
"name": "openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"product_id": "openssl-1_1-1.1.1w-150600.5.32.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-64bit-1.1.1w-150600.5.32.1.aarch64_ilp32",
"product": {
"name": "libopenssl-1_1-devel-64bit-1.1.1w-150600.5.32.1.aarch64_ilp32",
"product_id": "libopenssl-1_1-devel-64bit-1.1.1w-150600.5.32.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-64bit-1.1.1w-150600.5.32.1.aarch64_ilp32",
"product": {
"name": "libopenssl1_1-64bit-1.1.1w-150600.5.32.1.aarch64_ilp32",
"product_id": "libopenssl1_1-64bit-1.1.1w-150600.5.32.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.i586",
"product": {
"name": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.i586",
"product_id": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.i586"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-1.1.1w-150600.5.32.1.i586",
"product": {
"name": "libopenssl1_1-1.1.1w-150600.5.32.1.i586",
"product_id": "libopenssl1_1-1.1.1w-150600.5.32.1.i586"
}
},
{
"category": "product_version",
"name": "openssl-1_1-1.1.1w-150600.5.32.1.i586",
"product": {
"name": "openssl-1_1-1.1.1w-150600.5.32.1.i586",
"product_id": "openssl-1_1-1.1.1w-150600.5.32.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-1_1-doc-1.1.1w-150600.5.32.1.noarch",
"product": {
"name": "openssl-1_1-doc-1.1.1w-150600.5.32.1.noarch",
"product_id": "openssl-1_1-doc-1.1.1w-150600.5.32.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"product": {
"name": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"product_id": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"product": {
"name": "libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"product_id": "libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"product": {
"name": "openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"product_id": "openssl-1_1-1.1.1w-150600.5.32.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"product": {
"name": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"product_id": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"product": {
"name": "libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"product_id": "libopenssl1_1-1.1.1w-150600.5.32.1.s390x"
}
},
{
"category": "product_version",
"name": "openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"product": {
"name": "openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"product_id": "openssl-1_1-1.1.1w-150600.5.32.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"product": {
"name": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"product_id": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-1_1-devel-32bit-1.1.1w-150600.5.32.1.x86_64",
"product": {
"name": "libopenssl-1_1-devel-32bit-1.1.1w-150600.5.32.1.x86_64",
"product_id": "libopenssl-1_1-devel-32bit-1.1.1w-150600.5.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"product": {
"name": "libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"product_id": "libopenssl1_1-1.1.1w-150600.5.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"product": {
"name": "libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"product_id": "libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"product": {
"name": "openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"product_id": "openssl-1_1-1.1.1w-150600.5.32.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP6",
"product_id": "SUSE Linux Enterprise Server 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le"
},
"product_reference": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x"
},
"product_reference": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1w-150600.5.32.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64"
},
"product_reference": "libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le"
},
"product_reference": "libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1w-150600.5.32.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x"
},
"product_reference": "libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1w-150600.5.32.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64"
},
"product_reference": "libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64"
},
"product_reference": "libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1w-150600.5.32.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64"
},
"product_reference": "openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1w-150600.5.32.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le"
},
"product_reference": "openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1w-150600.5.32.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x"
},
"product_reference": "openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1w-150600.5.32.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64"
},
"product_reference": "openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le"
},
"product_reference": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x"
},
"product_reference": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1w-150600.5.32.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64"
},
"product_reference": "libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le"
},
"product_reference": "libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1w-150600.5.32.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x"
},
"product_reference": "libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1w-150600.5.32.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64"
},
"product_reference": "libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64"
},
"product_reference": "libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1w-150600.5.32.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64"
},
"product_reference": "openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1w-150600.5.32.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le"
},
"product_reference": "openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1w-150600.5.32.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x"
},
"product_reference": "openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1w-150600.5.32.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64"
},
"product_reference": "openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le"
},
"product_reference": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le"
},
"product_reference": "libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1w-150600.5.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64"
},
"product_reference": "libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64"
},
"product_reference": "libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1w-150600.5.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le"
},
"product_reference": "openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1w-150600.5.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64"
},
"product_reference": "openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-34180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34180"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive\nelement whose content exceeds 2 gigabytes in length may cause a heap buffer\nover-read on 64-bit Unix and Unix-like platforms.\n\nImpact summary: The heap buffer over-read may crash the application (Denial of\nService) or to load into the decoded ASN.1 object contents of memory beyond the\nend of the input buffer. More typically such ASN.1 elements would instead be\ntruncated.\n\nAn integer truncation in OpenSSL\u0027s ASN.1 decoder causes the content length of\nan ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the\nworst case the truncated length is treated as a request to scan the binary\ncontent for a terminating zero byte, possibly causing OpenSSL to read either\nless than or beyond the end of the allocated buffer.\n\nApplications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or\nany other d2i_* decoding function are affected. OpenSSL\u0027s own command-line\ntools are not vulnerable, as data read through the BIO layer is checked before\nit reaches the affected code. The issue only affects 64-bit Unix and Unix-like\nplatforms; 32-bit platforms and 64-bit Windows are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue,\nas the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34180",
"url": "https://www.suse.com/security/cve/CVE-2026-34180"
},
{
"category": "external",
"summary": "SUSE Bug 1266342 for CVE-2026-34180",
"url": "https://bugzilla.suse.com/1266342"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T06:53:51Z",
"details": "moderate"
}
],
"title": "CVE-2026-34180"
},
{
"cve": "CVE-2026-42766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42766"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A specially crafted password-encrypted CMS message\ncan trigger a NULL pointer dereference during CMS decryption.\n\nImpact summary: This NULL pointer dereference leads to an application crash\nand a Denial of Service.\n\nThe CMS PasswordRecipientInfo.keyDerivationAlgorithm field is defined as\nOPTIONAL in the ASN.1 specification and may therefore be absent in specially\ncrafted inputs. During the password-based CMS decryption the OpenSSL\nCMS implementation dereferences this field without first checking whether it\nwas present.\n\nAn attacker who supplies such a CMS message to an application performing\npassword-based CMS decryption can trigger an application crash, leading to\na Denial of Service.\n\nApplications that process password-encrypted CMS messages may be affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42766",
"url": "https://www.suse.com/security/cve/CVE-2026-42766"
},
{
"category": "external",
"summary": "SUSE Bug 1266349 for CVE-2026-42766",
"url": "https://bugzilla.suse.com/1266349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T06:53:51Z",
"details": "moderate"
}
],
"title": "CVE-2026-42766"
},
{
"cve": "CVE-2026-45447",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45447"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could\ntrigger a use-after-free during PKCS#7 signature verification.\n\nImpact summary: A use-after-free may result in process crashes, heap\ncorruption, or potentially remote code execution.\n\nWhen processing a PKCS#7 or S/MIME signed message, if the SignedData\ndigestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may\nincorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent\nuse of the BIO by the calling application results in a use-after-free\ncondition.\n\nIn the common case this occurs when the application later calls\nBIO_free() on the BIO originally passed to PKCS7_verify(). Depending\non allocator behavior and application-specific BIO usage patterns, this\nmay result in a crash or other memory corruption. In some application\ncontexts this may potentially be exploitable for remote code execution.\n\nApplications that process PKCS#7 or S/MIME signed messages using OpenSSL\nPKCS#7 APIs may be affected. Applications using the CMS APIs for this\nprocessing are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45447",
"url": "https://www.suse.com/security/cve/CVE-2026-45447"
},
{
"category": "external",
"summary": "SUSE Bug 1266357 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1266357"
},
{
"category": "external",
"summary": "SUSE Bug 1266389 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1266389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T06:53:51Z",
"details": "important"
}
],
"title": "CVE-2026-45447"
},
{
"cve": "CVE-2026-7383",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-7383"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A signed integer overflow when sizing the destination\nbuffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap\nbuffer overflow.\n\nImpact summary: A heap buffer overflow may lead to a crash or possibly\nattacker controlled code execution or other undefined behaviour.\n\nIn ASN1_mbstring_copy() and ASN1_mbstring_ncopy() the destination\nsize for Unicode output is computed in a signed int: by left shift\nof the input character count for BMPSTRING (UTF-16) and\nUNIVERSALSTRING (UTF-32), and by summing per-character byte counts\nfor UTF8STRING. The calculation overflows when the input reaches\naround 2^30 characters. In the worst case (UNIVERSALSTRING at 2^30\ncharacters) the size wraps to zero, OPENSSL_malloc(1) is called, and\nthe subsequent character copy writes several gigabytes past the\none-byte allocation.\n\nX.509 certificate processing routes through ASN1_STRING_set_by_NID(),\nwhose DIRSTRING_TYPE mask excludes UNIVERSALSTRING and whose per-NID\nsize limits cap the input length; no network protocol or\ncertificate-handling path in OpenSSL exercises the overflow.\nTriggering the bug requires an application that calls\nASN1_mbstring_copy() or ASN1_mbstring_ncopy() directly, or registers\na custom string type via ASN1_STRING_TABLE_add(), with\nattacker-controlled input on the order of half a gigabyte or more.\nFor these reasons this issue was assigned Low severity.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by\nthis issue, as the affected code is outside the OpenSSL FIPS module\nboundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-7383",
"url": "https://www.suse.com/security/cve/CVE-2026-7383"
},
{
"category": "external",
"summary": "SUSE Bug 1266340 for CVE-2026-7383",
"url": "https://bugzilla.suse.com/1266340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T06:53:51Z",
"details": "moderate"
}
],
"title": "CVE-2026-7383"
},
{
"cve": "CVE-2026-9076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-9076"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap)\nprocesses attacker-supplied CMS data, an attacker-chosen stream-mode KEK\ncipher can trigger a heap out-of-bounds read in kek_unwrap_key().\n\nImpact summary: A heap buffer over-read may trigger a crash which leads to\nDenial of Service for an application if the input buffer ends at a memory\npage boundary and the following page is unmapped. There is no information\ndisclosure as the over-read bytes are not revealed to the attacker.\n\nThe key unwrapping function performs a check-byte test as specified in the\nRFC that reads 7 bytes from a heap allocation that is based on the wrapped\nkey length from the message. There is a minimum length check based on the\nblock length of the wrapping cipher. However the cipher is selected from\nan OID carried in the attacker\u0027s PWRI keyEncryptionAlgorithm with no\nrequirement that the cipher be a block cipher. When an attacker selects\na stream-mode cipher the guard will be ineffective and the allocated buffer\ncontaining the unwrapped key can be too small to fit the check-bytes\nspecified in the RFC and a buffer over-read can happen.\n\nApplications calling CMS_decrypt() or CMS_decrypt_set1_password()\n(equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS\ndata are vulnerable to this issue. No password knowledge is required: the\nover-read happens during the unwrap attempt before any authentication\nsucceeds.\n\nThe over-read is limited to a few bytes and is not written to output, so\nthere is no information disclosure. Triggering a crash requires the\nallocation to border unmapped memory, which is unlikely with the normal\nallocator.\n\nThe FIPS modules are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-9076",
"url": "https://www.suse.com/security/cve/CVE-2026-9076"
},
{
"category": "external",
"summary": "SUSE Bug 1266341 for CVE-2026-9076",
"url": "https://bugzilla.suse.com/1266341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl-1_1-devel-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:libopenssl1_1-32bit-1.1.1w-150600.5.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:openssl-1_1-1.1.1w-150600.5.32.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T06:53:51Z",
"details": "moderate"
}
],
"title": "CVE-2026-9076"
}
]
}
SUSE-SU-2026:2405-1
Vulnerability from csaf_suse - Published: 2026-06-16 06:54 - Updated: 2026-06-16 06:54Summary
Security update for openssl-1_1
Severity
Important
Notes
Title of the patch: Security update for openssl-1_1
Description of the patch: This update for openssl-1_1 fixes the following issues:
- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).
- CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption (bsc#1266349).
- CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption (bsc#1266341).
- CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion (bsc#1266340).
- CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing (bsc#1266342).
Patchnames: SUSE-2026-2405,SUSE-SLE-Micro-5.5-2026-2405,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2405,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2405,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2405,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2405
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
92 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.7 (Medium)
Affected products
Recommended
92 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
92 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
92 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
92 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
25 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-1_1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-1_1 fixes the following issues:\n\n- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).\n- CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption (bsc#1266349).\n- CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption (bsc#1266341).\n- CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion (bsc#1266340).\n- CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing (bsc#1266342).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-2405,SUSE-SLE-Micro-5.5-2026-2405,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2405,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2405,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2405,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2405",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_2405-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:2405-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262405-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:2405-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047339.html"
},
{
"category": "self",
"summary": "SUSE Bug 1266340",
"url": "https://bugzilla.suse.com/1266340"
},
{
"category": "self",
"summary": "SUSE Bug 1266341",
"url": "https://bugzilla.suse.com/1266341"
},
{
"category": "self",
"summary": "SUSE Bug 1266342",
"url": "https://bugzilla.suse.com/1266342"
},
{
"category": "self",
"summary": "SUSE Bug 1266349",
"url": "https://bugzilla.suse.com/1266349"
},
{
"category": "self",
"summary": "SUSE Bug 1266357",
"url": "https://bugzilla.suse.com/1266357"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34180 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42766 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45447 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45447/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-7383 page",
"url": "https://www.suse.com/security/cve/CVE-2026-7383/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-9076 page",
"url": "https://www.suse.com/security/cve/CVE-2026-9076/"
}
],
"title": "Security update for openssl-1_1",
"tracking": {
"current_release_date": "2026-06-16T06:54:17Z",
"generator": {
"date": "2026-06-16T06:54:17Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:2405-1",
"initial_release_date": "2026-06-16T06:54:17Z",
"revision_history": [
{
"date": "2026-06-16T06:54:17Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"product": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"product_id": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"product": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"product_id": "libopenssl1_1-1.1.1l-150500.17.57.2.aarch64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"product": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"product_id": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64"
}
},
{
"category": "product_version",
"name": "openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"product": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"product_id": "openssl-1_1-1.1.1l-150500.17.57.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-64bit-1.1.1l-150500.17.57.2.aarch64_ilp32",
"product": {
"name": "libopenssl-1_1-devel-64bit-1.1.1l-150500.17.57.2.aarch64_ilp32",
"product_id": "libopenssl-1_1-devel-64bit-1.1.1l-150500.17.57.2.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-64bit-1.1.1l-150500.17.57.2.aarch64_ilp32",
"product": {
"name": "libopenssl1_1-64bit-1.1.1l-150500.17.57.2.aarch64_ilp32",
"product_id": "libopenssl1_1-64bit-1.1.1l-150500.17.57.2.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-64bit-1.1.1l-150500.17.57.2.aarch64_ilp32",
"product": {
"name": "libopenssl1_1-hmac-64bit-1.1.1l-150500.17.57.2.aarch64_ilp32",
"product_id": "libopenssl1_1-hmac-64bit-1.1.1l-150500.17.57.2.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.i586",
"product": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.i586",
"product_id": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.i586"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.i586",
"product": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.i586",
"product_id": "libopenssl1_1-1.1.1l-150500.17.57.2.i586"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.i586",
"product": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.i586",
"product_id": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.i586"
}
},
{
"category": "product_version",
"name": "openssl-1_1-1.1.1l-150500.17.57.2.i586",
"product": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.i586",
"product_id": "openssl-1_1-1.1.1l-150500.17.57.2.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "openssl-1_1-doc-1.1.1l-150500.17.57.2.noarch",
"product": {
"name": "openssl-1_1-doc-1.1.1l-150500.17.57.2.noarch",
"product_id": "openssl-1_1-doc-1.1.1l-150500.17.57.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"product": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"product_id": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"product": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"product_id": "libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"product": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"product_id": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le"
}
},
{
"category": "product_version",
"name": "openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"product": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"product_id": "openssl-1_1-1.1.1l-150500.17.57.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"product": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"product_id": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"product": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"product_id": "libopenssl1_1-1.1.1l-150500.17.57.2.s390x"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"product": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"product_id": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x"
}
},
{
"category": "product_version",
"name": "openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"product": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"product_id": "openssl-1_1-1.1.1l-150500.17.57.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"product": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"product_id": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl-1_1-devel-32bit-1.1.1l-150500.17.57.2.x86_64",
"product": {
"name": "libopenssl-1_1-devel-32bit-1.1.1l-150500.17.57.2.x86_64",
"product_id": "libopenssl-1_1-devel-32bit-1.1.1l-150500.17.57.2.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"product": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"product_id": "libopenssl1_1-1.1.1l-150500.17.57.2.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"product": {
"name": "libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"product_id": "libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"product": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"product_id": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64"
}
},
{
"category": "product_version",
"name": "libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"product": {
"name": "libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"product_id": "libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64"
}
},
{
"category": "product_version",
"name": "openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"product": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"product_id": "openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5",
"product_id": "SUSE Linux Enterprise Server 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le"
},
"product_reference": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x"
},
"product_reference": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le"
},
"product_reference": "libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x"
},
"product_reference": "libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le"
},
"product_reference": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x"
},
"product_reference": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le"
},
"product_reference": "openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x"
},
"product_reference": "openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le"
},
"product_reference": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x"
},
"product_reference": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le"
},
"product_reference": "libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x"
},
"product_reference": "libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le"
},
"product_reference": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x"
},
"product_reference": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le"
},
"product_reference": "openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x"
},
"product_reference": "openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le"
},
"product_reference": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x"
},
"product_reference": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le"
},
"product_reference": "libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x"
},
"product_reference": "libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le"
},
"product_reference": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x"
},
"product_reference": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64"
},
"product_reference": "openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le"
},
"product_reference": "openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x"
},
"product_reference": "openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le"
},
"product_reference": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le"
},
"product_reference": "libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le"
},
"product_reference": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le"
},
"product_reference": "openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-1.1.1l-150500.17.57.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
},
"product_reference": "openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-34180",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34180"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive\nelement whose content exceeds 2 gigabytes in length may cause a heap buffer\nover-read on 64-bit Unix and Unix-like platforms.\n\nImpact summary: The heap buffer over-read may crash the application (Denial of\nService) or to load into the decoded ASN.1 object contents of memory beyond the\nend of the input buffer. More typically such ASN.1 elements would instead be\ntruncated.\n\nAn integer truncation in OpenSSL\u0027s ASN.1 decoder causes the content length of\nan ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the\nworst case the truncated length is treated as a request to scan the binary\ncontent for a terminating zero byte, possibly causing OpenSSL to read either\nless than or beyond the end of the allocated buffer.\n\nApplications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or\nany other d2i_* decoding function are affected. OpenSSL\u0027s own command-line\ntools are not vulnerable, as data read through the BIO layer is checked before\nit reaches the affected code. The issue only affects 64-bit Unix and Unix-like\nplatforms; 32-bit platforms and 64-bit Windows are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue,\nas the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34180",
"url": "https://www.suse.com/security/cve/CVE-2026-34180"
},
{
"category": "external",
"summary": "SUSE Bug 1266342 for CVE-2026-34180",
"url": "https://bugzilla.suse.com/1266342"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T06:54:17Z",
"details": "moderate"
}
],
"title": "CVE-2026-34180"
},
{
"cve": "CVE-2026-42766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42766"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A specially crafted password-encrypted CMS message\ncan trigger a NULL pointer dereference during CMS decryption.\n\nImpact summary: This NULL pointer dereference leads to an application crash\nand a Denial of Service.\n\nThe CMS PasswordRecipientInfo.keyDerivationAlgorithm field is defined as\nOPTIONAL in the ASN.1 specification and may therefore be absent in specially\ncrafted inputs. During the password-based CMS decryption the OpenSSL\nCMS implementation dereferences this field without first checking whether it\nwas present.\n\nAn attacker who supplies such a CMS message to an application performing\npassword-based CMS decryption can trigger an application crash, leading to\na Denial of Service.\n\nApplications that process password-encrypted CMS messages may be affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42766",
"url": "https://www.suse.com/security/cve/CVE-2026-42766"
},
{
"category": "external",
"summary": "SUSE Bug 1266349 for CVE-2026-42766",
"url": "https://bugzilla.suse.com/1266349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T06:54:17Z",
"details": "moderate"
}
],
"title": "CVE-2026-42766"
},
{
"cve": "CVE-2026-45447",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45447"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could\ntrigger a use-after-free during PKCS#7 signature verification.\n\nImpact summary: A use-after-free may result in process crashes, heap\ncorruption, or potentially remote code execution.\n\nWhen processing a PKCS#7 or S/MIME signed message, if the SignedData\ndigestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may\nincorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent\nuse of the BIO by the calling application results in a use-after-free\ncondition.\n\nIn the common case this occurs when the application later calls\nBIO_free() on the BIO originally passed to PKCS7_verify(). Depending\non allocator behavior and application-specific BIO usage patterns, this\nmay result in a crash or other memory corruption. In some application\ncontexts this may potentially be exploitable for remote code execution.\n\nApplications that process PKCS#7 or S/MIME signed messages using OpenSSL\nPKCS#7 APIs may be affected. Applications using the CMS APIs for this\nprocessing are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45447",
"url": "https://www.suse.com/security/cve/CVE-2026-45447"
},
{
"category": "external",
"summary": "SUSE Bug 1266357 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1266357"
},
{
"category": "external",
"summary": "SUSE Bug 1266389 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1266389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T06:54:17Z",
"details": "important"
}
],
"title": "CVE-2026-45447"
},
{
"cve": "CVE-2026-7383",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-7383"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A signed integer overflow when sizing the destination\nbuffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap\nbuffer overflow.\n\nImpact summary: A heap buffer overflow may lead to a crash or possibly\nattacker controlled code execution or other undefined behaviour.\n\nIn ASN1_mbstring_copy() and ASN1_mbstring_ncopy() the destination\nsize for Unicode output is computed in a signed int: by left shift\nof the input character count for BMPSTRING (UTF-16) and\nUNIVERSALSTRING (UTF-32), and by summing per-character byte counts\nfor UTF8STRING. The calculation overflows when the input reaches\naround 2^30 characters. In the worst case (UNIVERSALSTRING at 2^30\ncharacters) the size wraps to zero, OPENSSL_malloc(1) is called, and\nthe subsequent character copy writes several gigabytes past the\none-byte allocation.\n\nX.509 certificate processing routes through ASN1_STRING_set_by_NID(),\nwhose DIRSTRING_TYPE mask excludes UNIVERSALSTRING and whose per-NID\nsize limits cap the input length; no network protocol or\ncertificate-handling path in OpenSSL exercises the overflow.\nTriggering the bug requires an application that calls\nASN1_mbstring_copy() or ASN1_mbstring_ncopy() directly, or registers\na custom string type via ASN1_STRING_TABLE_add(), with\nattacker-controlled input on the order of half a gigabyte or more.\nFor these reasons this issue was assigned Low severity.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by\nthis issue, as the affected code is outside the OpenSSL FIPS module\nboundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-7383",
"url": "https://www.suse.com/security/cve/CVE-2026-7383"
},
{
"category": "external",
"summary": "SUSE Bug 1266340 for CVE-2026-7383",
"url": "https://bugzilla.suse.com/1266340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T06:54:17Z",
"details": "moderate"
}
],
"title": "CVE-2026-7383"
},
{
"cve": "CVE-2026-9076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-9076"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap)\nprocesses attacker-supplied CMS data, an attacker-chosen stream-mode KEK\ncipher can trigger a heap out-of-bounds read in kek_unwrap_key().\n\nImpact summary: A heap buffer over-read may trigger a crash which leads to\nDenial of Service for an application if the input buffer ends at a memory\npage boundary and the following page is unmapped. There is no information\ndisclosure as the over-read bytes are not revealed to the attacker.\n\nThe key unwrapping function performs a check-byte test as specified in the\nRFC that reads 7 bytes from a heap allocation that is based on the wrapped\nkey length from the message. There is a minimum length check based on the\nblock length of the wrapping cipher. However the cipher is selected from\nan OID carried in the attacker\u0027s PWRI keyEncryptionAlgorithm with no\nrequirement that the cipher be a block cipher. When an attacker selects\na stream-mode cipher the guard will be ineffective and the allocated buffer\ncontaining the unwrapped key can be too small to fit the check-bytes\nspecified in the RFC and a buffer over-read can happen.\n\nApplications calling CMS_decrypt() or CMS_decrypt_set1_password()\n(equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS\ndata are vulnerable to this issue. No password knowledge is required: the\nover-read happens during the unwrap attempt before any authentication\nsucceeds.\n\nThe over-read is limited to a few bytes and is not written to output, so\nthere is no information disclosure. Triggering a crash requires the\nallocation to border unmapped memory, which is unlikely with the normal\nallocator.\n\nThe FIPS modules are not affected by this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-9076",
"url": "https://www.suse.com/security/cve/CVE-2026-9076"
},
{
"category": "external",
"summary": "SUSE Bug 1266341 for CVE-2026-9076",
"url": "https://bugzilla.suse.com/1266341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Micro 5.5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.aarch64",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.s390x",
"SUSE Linux Enterprise Server 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl-1_1-devel-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:openssl-1_1-1.1.1l-150500.17.57.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T06:54:17Z",
"details": "moderate"
}
],
"title": "CVE-2026-9076"
}
]
}
SUSE-SU-2026:2409-1
Vulnerability from csaf_suse - Published: 2026-06-16 08:07 - Updated: 2026-06-16 08:07Summary
Security update for openssl-1_1-livepatches
Severity
Important
Notes
Title of the patch: Security update for openssl-1_1-livepatches
Description of the patch: This update for openssl-1_1-livepatches fixes the following issues
- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).
Patchnames: SUSE-2026-2409,SUSE-SLE-Module-Live-Patching-15-SP5-2026-2409
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:openssl-1_1-livepatches-0.6-150500.6.14.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
10 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for openssl-1_1-livepatches",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for openssl-1_1-livepatches fixes the following issues\n\n- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-2409,SUSE-SLE-Module-Live-Patching-15-SP5-2026-2409",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_2409-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:2409-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262409-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:2409-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047335.html"
},
{
"category": "self",
"summary": "SUSE Bug 1266357",
"url": "https://bugzilla.suse.com/1266357"
},
{
"category": "self",
"summary": "SUSE Bug 1266389",
"url": "https://bugzilla.suse.com/1266389"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45447 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45447/"
}
],
"title": "Security update for openssl-1_1-livepatches",
"tracking": {
"current_release_date": "2026-06-16T08:07:15Z",
"generator": {
"date": "2026-06-16T08:07:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:2409-1",
"initial_release_date": "2026-06-16T08:07:15Z",
"revision_history": [
{
"date": "2026-06-16T08:07:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "openssl-1_1-livepatches-0.6-150500.6.14.1.x86_64",
"product": {
"name": "openssl-1_1-livepatches-0.6-150500.6.14.1.x86_64",
"product_id": "openssl-1_1-livepatches-0.6-150500.6.14.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openssl-1_1-livepatches-0.6-150500.6.14.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:openssl-1_1-livepatches-0.6-150500.6.14.1.x86_64"
},
"product_reference": "openssl-1_1-livepatches-0.6-150500.6.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-45447",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45447"
}
],
"notes": [
{
"category": "general",
"text": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could\ntrigger a use-after-free during PKCS#7 signature verification.\n\nImpact summary: A use-after-free may result in process crashes, heap\ncorruption, or potentially remote code execution.\n\nWhen processing a PKCS#7 or S/MIME signed message, if the SignedData\ndigestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may\nincorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent\nuse of the BIO by the calling application results in a use-after-free\ncondition.\n\nIn the common case this occurs when the application later calls\nBIO_free() on the BIO originally passed to PKCS7_verify(). Depending\non allocator behavior and application-specific BIO usage patterns, this\nmay result in a crash or other memory corruption. In some application\ncontexts this may potentially be exploitable for remote code execution.\n\nApplications that process PKCS#7 or S/MIME signed messages using OpenSSL\nPKCS#7 APIs may be affected. Applications using the CMS APIs for this\nprocessing are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:openssl-1_1-livepatches-0.6-150500.6.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45447",
"url": "https://www.suse.com/security/cve/CVE-2026-45447"
},
{
"category": "external",
"summary": "SUSE Bug 1266357 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1266357"
},
{
"category": "external",
"summary": "SUSE Bug 1266389 for CVE-2026-45447",
"url": "https://bugzilla.suse.com/1266389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:openssl-1_1-livepatches-0.6-150500.6.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:openssl-1_1-livepatches-0.6-150500.6.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-16T08:07:15Z",
"details": "important"
}
],
"title": "CVE-2026-45447"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…