OpenSSL Multiple Vulnerabilities
Release Date: 3 Feb 2026
RISK: Medium Risk
TYPE: Security software and application - Security Software & Appliance
Multiple vulnerabilities were identified in OpenSSL. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, denial of service condition, data manipulation and sensitive information disclosure on the targeted system.
Impact
- Denial of Service
- Remote Code Execution
- Information Disclosure
- Data Manipulation
System / Technologies affected
- OpenSSL version 1.0.2
- OpenSSL version 1.1.1
- OpenSSL version 3.0
- OpenSSL version 3.3
- OpenSSL version 3.4
- OpenSSL version 3.5
- OpenSSL version 3.6
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- For version 1.0.2, upgrade to version 1.0.2zn
- For version 1.1.1, upgrade to version 1.1.1ze
- For version 3.0, upgrade to version 3.0.19
- For version 3.3, upgrade to version 3.3.6
- For version 3.4, upgrade to version 3.4.4
- For version 3.5, upgrade to version 3.5.5
- For version 3.6, upgrade to version 3.6.1
Vulnerability Identifier
- CVE-2025-11187
- CVE-2025-15467
- CVE-2025-15468
- CVE-2025-15469
- CVE-2025-66199
- CVE-2025-68160
- CVE-2025-69418
- CVE-2025-69419
- CVE-2025-69420
- CVE-2025-69421
- CVE-2026-22795
- CVE-2026-22796
沒有留言:
發佈留言