{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "libopenssl-3-devel-3.5.3-6.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the libopenssl-3-devel-3.5.3-6.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2026-11023",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_11023-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-34180 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-34180/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-34182 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-34182/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-34183 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-34183/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-42764 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-42764/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-42766 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-42766/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-42767 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-42767/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-42768 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-42768/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-42769 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-42769/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-42770 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-42770/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-45445 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-45445/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-45446 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-45446/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-45447 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-45447/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-7383 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-7383/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-9076 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-9076/"
      }
    ],
    "title": "libopenssl-3-devel-3.5.3-6.1 on GA media",
    "tracking": {
      "current_release_date": "2026-06-13T00:00:00Z",
      "generator": {
        "date": "2026-06-13T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2026:11023-1",
      "initial_release_date": "2026-06-13T00:00:00Z",
      "revision_history": [
        {
          "date": "2026-06-13T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libopenssl-3-devel-3.5.3-6.1.aarch64",
                "product": {
                  "name": "libopenssl-3-devel-3.5.3-6.1.aarch64",
                  "product_id": "libopenssl-3-devel-3.5.3-6.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
                "product": {
                  "name": "libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
                  "product_id": "libopenssl-3-devel-32bit-3.5.3-6.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
                "product": {
                  "name": "libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
                  "product_id": "libopenssl-3-fips-provider-3.5.3-6.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
                "product": {
                  "name": "libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
                  "product_id": "libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
                "product": {
                  "name": "libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
                  "product_id": "libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl3-3.5.3-6.1.aarch64",
                "product": {
                  "name": "libopenssl3-3.5.3-6.1.aarch64",
                  "product_id": "libopenssl3-3.5.3-6.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl3-32bit-3.5.3-6.1.aarch64",
                "product": {
                  "name": "libopenssl3-32bit-3.5.3-6.1.aarch64",
                  "product_id": "libopenssl3-32bit-3.5.3-6.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
                "product": {
                  "name": "libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
                  "product_id": "libopenssl3-x86-64-v3-3.5.3-6.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openssl-3-3.5.3-6.1.aarch64",
                "product": {
                  "name": "openssl-3-3.5.3-6.1.aarch64",
                  "product_id": "openssl-3-3.5.3-6.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openssl-3-doc-3.5.3-6.1.aarch64",
                "product": {
                  "name": "openssl-3-doc-3.5.3-6.1.aarch64",
                  "product_id": "openssl-3-doc-3.5.3-6.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libopenssl-3-devel-3.5.3-6.1.ppc64le",
                "product": {
                  "name": "libopenssl-3-devel-3.5.3-6.1.ppc64le",
                  "product_id": "libopenssl-3-devel-3.5.3-6.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
                "product": {
                  "name": "libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
                  "product_id": "libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
                "product": {
                  "name": "libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
                  "product_id": "libopenssl-3-fips-provider-3.5.3-6.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
                "product": {
                  "name": "libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
                  "product_id": "libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
                "product": {
                  "name": "libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
                  "product_id": "libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl3-3.5.3-6.1.ppc64le",
                "product": {
                  "name": "libopenssl3-3.5.3-6.1.ppc64le",
                  "product_id": "libopenssl3-3.5.3-6.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl3-32bit-3.5.3-6.1.ppc64le",
                "product": {
                  "name": "libopenssl3-32bit-3.5.3-6.1.ppc64le",
                  "product_id": "libopenssl3-32bit-3.5.3-6.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
                "product": {
                  "name": "libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
                  "product_id": "libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "openssl-3-3.5.3-6.1.ppc64le",
                "product": {
                  "name": "openssl-3-3.5.3-6.1.ppc64le",
                  "product_id": "openssl-3-3.5.3-6.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "openssl-3-doc-3.5.3-6.1.ppc64le",
                "product": {
                  "name": "openssl-3-doc-3.5.3-6.1.ppc64le",
                  "product_id": "openssl-3-doc-3.5.3-6.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libopenssl-3-devel-3.5.3-6.1.s390x",
                "product": {
                  "name": "libopenssl-3-devel-3.5.3-6.1.s390x",
                  "product_id": "libopenssl-3-devel-3.5.3-6.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
                "product": {
                  "name": "libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
                  "product_id": "libopenssl-3-devel-32bit-3.5.3-6.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl-3-fips-provider-3.5.3-6.1.s390x",
                "product": {
                  "name": "libopenssl-3-fips-provider-3.5.3-6.1.s390x",
                  "product_id": "libopenssl-3-fips-provider-3.5.3-6.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
                "product": {
                  "name": "libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
                  "product_id": "libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
                "product": {
                  "name": "libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
                  "product_id": "libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl3-3.5.3-6.1.s390x",
                "product": {
                  "name": "libopenssl3-3.5.3-6.1.s390x",
                  "product_id": "libopenssl3-3.5.3-6.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl3-32bit-3.5.3-6.1.s390x",
                "product": {
                  "name": "libopenssl3-32bit-3.5.3-6.1.s390x",
                  "product_id": "libopenssl3-32bit-3.5.3-6.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
                "product": {
                  "name": "libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
                  "product_id": "libopenssl3-x86-64-v3-3.5.3-6.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openssl-3-3.5.3-6.1.s390x",
                "product": {
                  "name": "openssl-3-3.5.3-6.1.s390x",
                  "product_id": "openssl-3-3.5.3-6.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openssl-3-doc-3.5.3-6.1.s390x",
                "product": {
                  "name": "openssl-3-doc-3.5.3-6.1.s390x",
                  "product_id": "openssl-3-doc-3.5.3-6.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libopenssl-3-devel-3.5.3-6.1.x86_64",
                "product": {
                  "name": "libopenssl-3-devel-3.5.3-6.1.x86_64",
                  "product_id": "libopenssl-3-devel-3.5.3-6.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
                "product": {
                  "name": "libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
                  "product_id": "libopenssl-3-devel-32bit-3.5.3-6.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
                "product": {
                  "name": "libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
                  "product_id": "libopenssl-3-fips-provider-3.5.3-6.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
                "product": {
                  "name": "libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
                  "product_id": "libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
                "product": {
                  "name": "libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
                  "product_id": "libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl3-3.5.3-6.1.x86_64",
                "product": {
                  "name": "libopenssl3-3.5.3-6.1.x86_64",
                  "product_id": "libopenssl3-3.5.3-6.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl3-32bit-3.5.3-6.1.x86_64",
                "product": {
                  "name": "libopenssl3-32bit-3.5.3-6.1.x86_64",
                  "product_id": "libopenssl3-32bit-3.5.3-6.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
                "product": {
                  "name": "libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
                  "product_id": "libopenssl3-x86-64-v3-3.5.3-6.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openssl-3-3.5.3-6.1.x86_64",
                "product": {
                  "name": "openssl-3-3.5.3-6.1.x86_64",
                  "product_id": "openssl-3-3.5.3-6.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openssl-3-doc-3.5.3-6.1.x86_64",
                "product": {
                  "name": "openssl-3-doc-3.5.3-6.1.x86_64",
                  "product_id": "openssl-3-doc-3.5.3-6.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-devel-3.5.3-6.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64"
        },
        "product_reference": "libopenssl-3-devel-3.5.3-6.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-devel-3.5.3-6.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le"
        },
        "product_reference": "libopenssl-3-devel-3.5.3-6.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-devel-3.5.3-6.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x"
        },
        "product_reference": "libopenssl-3-devel-3.5.3-6.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-devel-3.5.3-6.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64"
        },
        "product_reference": "libopenssl-3-devel-3.5.3-6.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-devel-32bit-3.5.3-6.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64"
        },
        "product_reference": "libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le"
        },
        "product_reference": "libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-devel-32bit-3.5.3-6.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x"
        },
        "product_reference": "libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-devel-32bit-3.5.3-6.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64"
        },
        "product_reference": "libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-fips-provider-3.5.3-6.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64"
        },
        "product_reference": "libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-fips-provider-3.5.3-6.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le"
        },
        "product_reference": "libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-fips-provider-3.5.3-6.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x"
        },
        "product_reference": "libopenssl-3-fips-provider-3.5.3-6.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-fips-provider-3.5.3-6.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64"
        },
        "product_reference": "libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64"
        },
        "product_reference": "libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le"
        },
        "product_reference": "libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x"
        },
        "product_reference": "libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64"
        },
        "product_reference": "libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64"
        },
        "product_reference": "libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le"
        },
        "product_reference": "libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x"
        },
        "product_reference": "libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64"
        },
        "product_reference": "libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-3.5.3-6.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64"
        },
        "product_reference": "libopenssl3-3.5.3-6.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-3.5.3-6.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le"
        },
        "product_reference": "libopenssl3-3.5.3-6.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-3.5.3-6.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x"
        },
        "product_reference": "libopenssl3-3.5.3-6.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-3.5.3-6.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64"
        },
        "product_reference": "libopenssl3-3.5.3-6.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-32bit-3.5.3-6.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64"
        },
        "product_reference": "libopenssl3-32bit-3.5.3-6.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-32bit-3.5.3-6.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le"
        },
        "product_reference": "libopenssl3-32bit-3.5.3-6.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-32bit-3.5.3-6.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x"
        },
        "product_reference": "libopenssl3-32bit-3.5.3-6.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-32bit-3.5.3-6.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64"
        },
        "product_reference": "libopenssl3-32bit-3.5.3-6.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-x86-64-v3-3.5.3-6.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64"
        },
        "product_reference": "libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le"
        },
        "product_reference": "libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-x86-64-v3-3.5.3-6.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x"
        },
        "product_reference": "libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-x86-64-v3-3.5.3-6.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64"
        },
        "product_reference": "libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-3-3.5.3-6.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64"
        },
        "product_reference": "openssl-3-3.5.3-6.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-3-3.5.3-6.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le"
        },
        "product_reference": "openssl-3-3.5.3-6.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-3-3.5.3-6.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x"
        },
        "product_reference": "openssl-3-3.5.3-6.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-3-3.5.3-6.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64"
        },
        "product_reference": "openssl-3-3.5.3-6.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-3-doc-3.5.3-6.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64"
        },
        "product_reference": "openssl-3-doc-3.5.3-6.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-3-doc-3.5.3-6.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le"
        },
        "product_reference": "openssl-3-doc-3.5.3-6.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-3-doc-3.5.3-6.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x"
        },
        "product_reference": "openssl-3-doc-3.5.3-6.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-3-doc-3.5.3-6.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
        },
        "product_reference": "openssl-3-doc-3.5.3-6.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-34180",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-34180"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive\nelement whose content exceeds 2 gigabytes in length may cause a heap buffer\nover-read on 64-bit Unix and Unix-like platforms.\n\nImpact summary: The heap buffer over-read may crash the application (Denial of\nService) or to load into the decoded ASN.1 object contents of memory beyond the\nend of the input buffer.  More typically such ASN.1 elements would instead be\ntruncated.\n\nAn integer truncation in OpenSSL\u0027s ASN.1 decoder causes the content length of\nan ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the\nworst case the truncated length is treated as a request to scan the binary\ncontent for a terminating zero byte, possibly causing OpenSSL to read either\nless than or beyond the end of the allocated buffer.\n\nApplications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or\nany other d2i_* decoding function are affected. OpenSSL\u0027s own command-line\ntools are not vulnerable, as data read through the BIO layer is checked before\nit reaches the affected code. The issue only affects 64-bit Unix and Unix-like\nplatforms; 32-bit platforms and 64-bit Windows are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue,\nas the affected code is outside the OpenSSL FIPS module boundary.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-34180",
          "url": "https://www.suse.com/security/cve/CVE-2026-34180"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1266342 for CVE-2026-34180",
          "url": "https://bugzilla.suse.com/1266342"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-34180"
    },
    {
      "cve": "CVE-2026-34182",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-34182"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Issue Summary: Cryptographic Message Services (CMS) processing fails to perform\nsufficient input validation on the cipher and tag length fields of\nAuthEnvelopedData containers, leading to various potential compromises.\n\nImpact Summary: Attackers making use of these vulnerabilities may achieve\nkey-equivalent functionality for a given CMS recipient and/or bypass integrity\nvalidation for a given message.\n\nIn one use case, an attacker may send a CMS message containing\nAuthEnvelopedData with the cipher specified as a non-AEAD cipher.  OpenSSL\nerroneously allows this selection, and attempts to decrypt and validate the\nmessage.\n\nAn on-path attacker who captures one legitimate AES-GCM AuthEnvelopedData\naddressed to the victim can re-emit it with the recipientInfos set left\nbyte-for-byte intact, so the victim\u0027s private key still unwraps the genuine CEK\n(the content-encryption key), but with the inner OID rewritten to AES-256-OFB\n(Output Feedback Mode, an unauthenticated keystream mode) and with an\nattacker-chosen IV and ciphertext. The victim initializes AES-256-OFB under the\nreal CEK, never consults the MAC field, and CMS_decrypt() returns success.\n\nIf the application under attack responds to the attacker with any indicator\nshowing success or failure of the decryption effort, it is possible for the\nattacker to use this as an oracle to obtain key equivalent functionality for the\nCEK used for the chosen recipient of the message.\n\nIn another use case, an attacker can reduce the tag length of the chosen AEAD\ncipher for a given AuthEnvelopedData container to be a single byte long,\nallowing an attacker to brute force CMS decryption, producing an integrity\nbypass for applications that trust CMS_decrypt() to reject modified content.\n\nThe FIPS modules are not affected by this issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-34182",
          "url": "https://www.suse.com/security/cve/CVE-2026-34182"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1266344 for CVE-2026-34182",
          "url": "https://bugzilla.suse.com/1266344"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-34182"
    },
    {
      "cve": "CVE-2026-34183",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-34183"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Issue summary: Remote peer may exhaust heap memory of the QUIC\nserver or client by flooding it with packets containing PATH_CHALLENGE\nframes.\n\nImpact summary: A malicious remote peer can cause an unbounded\nmemory allocation which can lead to an abnormal termination of the\napplication acting as a QUIC client or server and a Denial of Service.\n\nA remote peer may exhaust heap memory by flooding the local\nQUIC stack with PATH_CHALLENGE frames. The local QUIC stack\nallocates a PATH_RESPONSE frame for every PATH_CHALLENGE it receives.\nThe allocated PATH_RESPONSE frame gets freed only when the remote\npeer acknowledges reception of the PATH_RESPONSE frame which will\nnot be done by a malicious peer.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by\nthis issue. The QUIC stack is outside of OpenSSL FIPS module\nboundary.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-34183",
          "url": "https://www.suse.com/security/cve/CVE-2026-34183"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1266345 for CVE-2026-34183",
          "url": "https://bugzilla.suse.com/1266345"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-34183"
    },
    {
      "cve": "CVE-2026-42764",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-42764"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Issue summary: Receiving a QUIC initial packet with an invalid token may\ntrigger a NULL pointer dereference in the OpenSSL QUIC server with\naddress validation disabled.\n\nImpact summary: NULL pointer dereference typically causes abnormal termination\nof the affected QUIC server process and a Denial of Service.\n\nIf the address validation is disabled in the OpenSSL QUIC server\nimplementation, an attacker can crash the server by sending an initial\npacket with an invalid or expired token.\n\nBy default, the client address validation is enabled in the OpenSSL QUIC server\nimplementation, which makes the default configuration not vulnerable\nto this issue. However if the SSL_LISTENER_FLAG_NO_VALIDATE is used with\nthe SSL_new_listener() call, the address validation is disabled making the\nvulnerable code reachable.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-42764",
          "url": "https://www.suse.com/security/cve/CVE-2026-42764"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1266347 for CVE-2026-42764",
          "url": "https://bugzilla.suse.com/1266347"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-42764"
    },
    {
      "cve": "CVE-2026-42766",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-42766"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Issue summary: A specially crafted password-encrypted CMS message\ncan trigger a NULL pointer dereference during CMS decryption.\n\nImpact summary: This NULL pointer dereference leads to an application crash\nand a Denial of Service.\n\nThe CMS PasswordRecipientInfo.keyDerivationAlgorithm field is defined as\nOPTIONAL in the ASN.1 specification and may therefore be absent in specially\ncrafted inputs. During the password-based CMS decryption the OpenSSL\nCMS implementation dereferences this field without first checking whether it\nwas present.\n\nAn attacker who supplies such a CMS message to an application performing\npassword-based CMS decryption can trigger an application crash, leading to\na Denial of Service.\n\nApplications that process password-encrypted CMS messages may be affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-42766",
          "url": "https://www.suse.com/security/cve/CVE-2026-42766"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1266349 for CVE-2026-42766",
          "url": "https://bugzilla.suse.com/1266349"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-42766"
    },
    {
      "cve": "CVE-2026-42767",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-42767"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Issue summary: An attacker-controlled CMP (Certificate Management Protocol)\nserver could trigger a NULL pointer dereference in a CMP client application.\n\nImpact summary: A NULL pointer dereference causes a crash of the\napplication and a Denial of Service.\n\nAn attacker controlling a CMP server (or acting as a man-in-the-middle) could\ncraft a CMP response containing a CRMF (Certificate Request Message Format)\nCertRepMessage with an EncryptedValue structure where the symmAlg field\nhas an algorithm OID but no parameters field. When the OpenSSL CMP client\nprocesses this response, the NULL dereference occurs, causing a crash of\nthe CMP client.\n\nApplications that process untrusted CMP/CRMF messages may be affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-42767",
          "url": "https://www.suse.com/security/cve/CVE-2026-42767"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1266350 for CVE-2026-42767",
          "url": "https://bugzilla.suse.com/1266350"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-42767"
    },
    {
      "cve": "CVE-2026-42768",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-42768"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnerable to\nBleichenbacher-style attack when an attacker is able to provide the CMS or\nS/MIME messages and observe the error code and/or decryption output.\n\nImpact summary: The Bleichenbacher-style attack allows an attacker to use the\nvictim\u0027s vulnerable application as a way to decrypt or sign messages with the\nvictim\u0027s private RSA key.\n\nThe attack is possible in 2 variants.\n\n1. The decryption API (CMS_decrypt(), PKCS7_decrypt()) is used without\nproviding the recipient certificate. In this case OpenSSL iterates over every\nKeyTransRecipientInfo (KTRI) without stopping at the first success.\n\nAn attacker who authors a message with two KTRI entries - the first one\nwrapping a real CEK under the victim\u0027s public key, the second with an\narbitrary probe ciphertext - obtains opportunity to iterate the 2nd KTRI to\nget a valid PKCS#1 v1.5 padding if the error code of the application is\navailable.\n\nThat is a Bleichenbacher oracle (Bleichenbacher, CRYPTO \u002798): an\nadaptive-chosen-ciphertext side channel from which the attacker decrypts any\nRSA ciphertext to the victim\u0027s key or forges any PKCS#1 v1.5 signature under\nit.\n\n2. When the decryption API (CMS_decrypt(), PKCS7_decrypt()) is provided with\nthe recipient certificate, and the recipient is not found, a random\nkey is substituted.\n\nAn attacker who authors a message and is able to compare both error code and\nthe result of the decryption, can mount a Bleichenbacher oracle.\n\nWe are not aware of any applications that provide a remote attacker\nan opportunity to mount an attack described in these scenarios. We consider\nthe existence of such application very unlikely, and for this reason this\nCVE has been evaluated as Low severity.\n\nTo avoid these attacks, when RSA PKCS#1 v1.5 Key Transport is in use, the\ninvoked EVP_PKEY_decrypt() will use the implicit rejection mechanism described\nin draft-irtf-cfrg-rsa-guidance. In previous OpenSSL releases the implicit\nrejection was explicitly disabled.\n\nThe implicit rejection mechanism always returns a plaintext value,\nthe symmetric key. This result is deterministic for the ciphertext and the\nprivate key.  The length of the decryption result can happen to match the\nlength of the key of the symmetric cipher that was used for the content\nencryption. When a certificate is not provided, the last RecipientInfo\nproducing a key that looks valid will be used. It may cause getting garbage\ncontent on decryption. As a proper way to deal with this a recipient\ncertificate has to be provided to identify the particular RecipientInfo for\ndecryption.\n\nThe FIPS modules in 4.0, 3.6, 3.5, and 3.4 are not affected by this issue, as\nCMS and S/MIME processing happens outside the OpenSSL FIPS module boundary.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-42768",
          "url": "https://www.suse.com/security/cve/CVE-2026-42768"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1266351 for CVE-2026-42768",
          "url": "https://bugzilla.suse.com/1266351"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-42768"
    },
    {
      "cve": "CVE-2026-42769",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-42769"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Issue Summary: An error in the callback used to verify the certificate\nprovided in a Root CA key update Certificate Management Protocol (CMP)\nmessage response rendered the certificate validation ineffectual, which\ncould lead to escalation of credentials from the Registration Authority (RA)\nlevel to the root Certification Authority (root CA) level.\n\nImpact Summary: The Registration Autority could replace the root CA\ncertificate for the CMP clients with an arbitrary root CA certificate.\n\nOne of the parts of the Certificate Management Protocol (CMP), specified in\nRFC 9810, is Root Certification Authority (root CA) key Rollover,\nwhich is sent by the server in a message with type \u0027id-it-rootCaKeyUpdate\u0027.\nAs part of these messages, \u0027newWithOld\u0027 certificate, the new root CA\ncertificate signed with the old root CA key, is provided, and verifying its\nsignature is crucial for transferring the trust from the old CA key to the\nnew one.\n\nThe \u0027id-it-rootCaKeyUpdate\u0027 messages are expected to be processed with\nOSSL_CMP_get1_rootCaKeyUpdate(), that is expected to verify the \u0027newWithOld\u0027\ncertificate.  A typo in the certificate chain building code led to adding\nan incorrect certificate (\u0027newWithOld\u0027 instead of \u0027oldRoot\u0027) to the\ncertificate chain, rendering the certificate verification process ineffectual\n(only the issuer name and the algorithm OIDs were verified by other parts\nof the verification code).\n\nAn attacker who already has credentials that satisfy the CMP message\nprotection checks can generate a new key pair and use a crafted self-signed\ncertificate in its \u0027id-it-rootCaKeyUpdate\u0027 CMP messages which affected CMP\nclients would accept as a new trust anchor.\n\nSignificant preconditions for the attack (having valid RA-level credentials)\nare the reason the issue was assigned Low severity.\n\nThe FIPS modules are not affected by this issue, as the affected code is\noutside the OpenSSL FIPS module boundary.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-42769",
          "url": "https://www.suse.com/security/cve/CVE-2026-42769"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1266352 for CVE-2026-42769",
          "url": "https://bugzilla.suse.com/1266352"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-42769"
    },
    {
      "cve": "CVE-2026-42770",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-42770"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42)\npeer key, the peer key is not properly checked for the subgroup membership.\n\nImpact summary: A malicious peer which presents an X9.42 key carrying the\nvictim\u0027s p and g parameters, a forged q = r (a small prime factor of the\ncofactor (p\u22121)/q_local), and a public value Y of order r can recover the\nvictim\u0027s private key after a small number of key exchange attempts.\n\nWhen EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the\nsubgroup membership check Y^q \u2261 1 (mod p) is performed using the peer\u0027s\nown q parameter, not the local key\u0027s q. The peer\u0027s domain parameters are\nthen matched against the domain parameters of the private key, but the value\nof q is not compared.\n\nA malicious peer who presents an X9.42 key carrying the victim\u0027s p, g,\na forged q = r (a small prime factor of the cofactor), and a public\nvalue Y of order r passes all checks. The shared secret then takes only\nr distinct values, leaking priv mod r. Repeating for each small-prime\nfactor of the cofactor and combining via CRT recovers the full private\nkey (Lim-Lee / small-subgroup-confinement attack).\n\nThe realistic attack surface is narrow: principally CMP deployments with\nlong-lived RA/CA DHX keys and bespoke enterprise or government applications\nusing X9.42 DHX static keys with interactive protocols and therefore this\nissue was assigned Low severity.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are affected by this\nissue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-42770",
          "url": "https://www.suse.com/security/cve/CVE-2026-42770"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1266353 for CVE-2026-42770",
          "url": "https://bugzilla.suse.com/1266353"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-42770"
    },
    {
      "cve": "CVE-2026-45445",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-45445"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Issue summary: When an application drives an AES-OCB context through the\npublic EVP_Cipher() one-shot interface, the application-supplied\ninitialisation vector (IV) is silently discarded.\n\nImpact summary: Every message encrypted under the same key uses the\nsame effective nonce regardless of the IV supplied by the caller,\nresulting in (key, nonce) reuse and loss of confidentiality.  If the\nsame code path is used to compute the authentication tag, the tag\ndepends only on the (key, IV) pair and not on the plaintext or\nciphertext, allowing universal forgery of arbitrary ciphertext from a\nsingle captured message.\n\nOpenSSL provides two ways to drive a cipher: the documented streaming\ninterface (EVP_CipherUpdate / EVP_CipherFinal_ex) and a lower-level\none-shot, EVP_Cipher(), whose documentation explicitly recommends\nagainst use by applications in favour of EVP_CipherUpdate() and\nEVP_CipherFinal_ex().  The OCB provider\u0027s streaming handler flushes\nthe application-supplied IV into the OCB context before processing\ndata; the one-shot handler did not.  Every call to EVP_Cipher() on an\nAES-OCB context therefore ran with the all-zero key-derived offset\nstate left by cipher initialisation, regardless of the caller\u0027s IV.\n\nIf EVP_EncryptFinal_ex() is subsequently used to obtain the\nauthentication tag, the deferred IV setup runs at that point and\nclears the running checksum that should have been accumulated over the\nplaintext.  The resulting tag is a function of (key, IV) only and\nverifies against any ciphertext produced under the same (key, IV)\npair.\n\nThe OpenSSL SSL/TLS implementation is not affected: AES-OCB is not a\nTLS cipher suite, and libssl does not call EVP_Cipher() in any case.\nApplications that drive AES-OCB through the documented streaming AEAD\nAPI (EVP_CipherUpdate / EVP_CipherFinal_ex) are not affected.  Only\napplications that combine the AES-OCB cipher with the EVP_Cipher()\none-shot API are vulnerable.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by\nthis issue, as AES-OCB is outside the OpenSSL FIPS module boundary.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-45445",
          "url": "https://www.suse.com/security/cve/CVE-2026-45445"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1266355 for CVE-2026-45445",
          "url": "https://bugzilla.suse.com/1266355"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-45445"
    },
    {
      "cve": "CVE-2026-45446",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-45446"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV\n(RFC 8452) mishandle the authentication of AAD (Additional Authenticated\nData) with an empty ciphertext allowing a forgery of such messages.\n\nImpact summary: An attacker can forge empty messages with arbitrary AAD\nto the victim\u0027s application using these ciphers.\n\nAES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) are nonce-misuse-resistant AEAD\nmodes: they accept a key, nonce, optional AAD (bytes that are authenticated\nbut not encrypted), and plaintext, and produces ciphertext plus a 16-byte\ntag. On decrypt, `EVP_DecryptFinal_ex()` is documented to return success only\nif the tag is verified succesfully.\n\nIn OpenSSL\u0027s provider implementation of these ciphers, the expected tag is\ncomputed only when decryption function is invoked with non-empty data.\nIf the caller supplies AAD and then calls `EVP_DecryptFinal_ex()` without\ninvocation of the ciphertext update, which can happen when the received\nciphertext length is zero, the tag is never recalculated and still holds its\nall-zeros value.\n\nWhen AES-GCM-SIV is used, an attacker who sends arbitrary AAD, empty\nciphertext, and all-zeros tag passes authentication under any key they do not\nknow, single-shot. When AES-SIV is used, for mounting the attack it\u0027s\nnecessary for the application to reuse the decryption context without\nresetting the key.\n\nAES-SIV is implemented since OpenSSL 3.0. AES-GCM-SIV is implemented since\nOpenSSL 3.2.\n\nNo protocols implemented in OpenSSL itself (TLS/CMS/PKCS7/HPKE/QUIC) support\neither AES-GCM-SIV or AES-SIV. To mount an attack, the applications must\nimplement their own protocol and use the EVP interface. Also they must skip the\nciphertext update when a message with an empty ciphertext arrives.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as these algorithms are not FIPS approved and the affected code is\noutside the OpenSSL FIPS module boundary.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-45446",
          "url": "https://www.suse.com/security/cve/CVE-2026-45446"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1266356 for CVE-2026-45446",
          "url": "https://bugzilla.suse.com/1266356"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-45446"
    },
    {
      "cve": "CVE-2026-45447",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-45447"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could\ntrigger a use-after-free during PKCS#7 signature verification.\n\nImpact summary: A use-after-free may result in process crashes, heap\ncorruption, or potentially remote code execution.\n\nWhen processing a PKCS#7 or S/MIME signed message, if the SignedData\ndigestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may\nincorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent\nuse of the BIO by the calling application results in a use-after-free\ncondition.\n\nIn the common case this occurs when the application later calls\nBIO_free() on the BIO originally passed to PKCS7_verify(). Depending\non allocator behavior and application-specific BIO usage patterns, this\nmay result in a crash or other memory corruption. In some application\ncontexts this may potentially be exploitable for remote code execution.\n\nApplications that process PKCS#7 or S/MIME signed messages using OpenSSL\nPKCS#7 APIs may be affected. Applications using the CMS APIs for this\nprocessing are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-45447",
          "url": "https://www.suse.com/security/cve/CVE-2026-45447"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1266357 for CVE-2026-45447",
          "url": "https://bugzilla.suse.com/1266357"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1266389 for CVE-2026-45447",
          "url": "https://bugzilla.suse.com/1266389"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-13T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-45447"
    },
    {
      "cve": "CVE-2026-7383",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-7383"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Issue summary: A signed integer overflow when sizing the destination\nbuffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap\nbuffer overflow.\n\nImpact summary: A heap buffer overflow may lead to a crash or possibly\nattacker controlled code execution or other undefined behaviour.\n\nIn ASN1_mbstring_copy() and ASN1_mbstring_ncopy() the destination\nsize for Unicode output is computed in a signed int: by left shift\nof the input character count for BMPSTRING (UTF-16) and\nUNIVERSALSTRING (UTF-32), and by summing per-character byte counts\nfor UTF8STRING. The calculation overflows when the input reaches\naround 2^30 characters. In the worst case (UNIVERSALSTRING at 2^30\ncharacters) the size wraps to zero, OPENSSL_malloc(1) is called, and\nthe subsequent character copy writes several gigabytes past the\none-byte allocation.\n\nX.509 certificate processing routes through ASN1_STRING_set_by_NID(),\nwhose DIRSTRING_TYPE mask excludes UNIVERSALSTRING and whose per-NID\nsize limits cap the input length; no network protocol or\ncertificate-handling path in OpenSSL exercises the overflow.\nTriggering the bug requires an application that calls\nASN1_mbstring_copy() or ASN1_mbstring_ncopy() directly, or registers\na custom string type via ASN1_STRING_TABLE_add(), with\nattacker-controlled input on the order of half a gigabyte or more.\nFor these reasons this issue was assigned Low severity.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by\nthis issue, as the affected code is outside the OpenSSL FIPS module\nboundary.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-7383",
          "url": "https://www.suse.com/security/cve/CVE-2026-7383"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1266340 for CVE-2026-7383",
          "url": "https://bugzilla.suse.com/1266340"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-7383"
    },
    {
      "cve": "CVE-2026-9076",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-9076"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap)\nprocesses attacker-supplied CMS data, an attacker-chosen stream-mode KEK\ncipher can trigger a heap out-of-bounds read in kek_unwrap_key().\n\nImpact summary: A heap buffer over-read may trigger a crash which leads to\nDenial of Service for an application if the input buffer ends at a memory\npage boundary and the following page is unmapped. There is no information\ndisclosure as the over-read bytes are not revealed to the attacker.\n\nThe key unwrapping function performs a check-byte test as specified in the\nRFC that reads 7 bytes from a heap allocation that is based on the wrapped\nkey length from the message. There is a minimum length check based on the\nblock length of the wrapping cipher. However the cipher is selected from\nan OID carried in the attacker\u0027s PWRI keyEncryptionAlgorithm with no\nrequirement that the cipher be a block cipher. When an attacker selects\na stream-mode cipher the guard will be ineffective and the allocated buffer\ncontaining the unwrapped key can be too small to fit the check-bytes\nspecified in the RFC and a buffer over-read can happen.\n\nApplications calling CMS_decrypt() or CMS_decrypt_set1_password()\n(equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS\ndata are vulnerable to this issue. No password knowledge is required: the\nover-read happens during the unwrap attempt before any authentication\nsucceeds.\n\nThe over-read is limited to a few bytes and is not written to output, so\nthere is no information disclosure. Triggering a crash requires the\nallocation to border unmapped memory, which is unlikely with the normal\nallocator.\n\nThe FIPS modules are not affected by this issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
          "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-9076",
          "url": "https://www.suse.com/security/cve/CVE-2026-9076"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1266341 for CVE-2026-9076",
          "url": "https://bugzilla.suse.com/1266341"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-devel-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl-3-fips-provider-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-32bit-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:libopenssl3-x86-64-v3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-3.5.3-6.1.x86_64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.aarch64",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.ppc64le",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.s390x",
            "openSUSE Tumbleweed:openssl-3-doc-3.5.3-6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-13T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-9076"
    }
  ]
}