OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file (CVE-2025-11187)
openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing (CVE-2025-15467)
openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling (CVE-2025-15468)
openssl: OpenSSL: Data integrity bypass in openssl dgst command due to silent truncation (CVE-2025-15469)
openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression (CVE-2025-66199)
openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter (CVE-2025-68160)
openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls (CVE-2025-69418)
openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing (CVE-2025-69419)
openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing (CVE-2025-69421)
openssl: OpenSSL: Denial of Service via malformed TimeStamp Response (CVE-2025-69420)
openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing (CVE-2026-22795)
openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification (CVE-2026-22796)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
1:3.5.1-7.el9_7Exploitability
AV:NAC:LPR:NUI:NScope
S:UImpact
C:HI:HA:HCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H