{ "document": { "aggregate_severity": { "text": "Medium" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/oraclelinux7els/vex/2025/cve-2025-69420-els_os-oraclelinux7els.json" } ], "tracking": { "current_release_date": "2026-02-10T14:39:45Z", "generator": { "date": "2026-02-10T14:39:45Z", "engine": { "name": "pyCSAF" } }, "id": "CVE-2025-69420-ELS_OS-ORACLELINUX7ELS", "initial_release_date": "2025-01-01T00:00:00Z", "revision_history": [ { "date": "2025-01-01T00:00:00Z", "number": "1", "summary": "Initial version" }, { "date": "2026-02-10T14:39:45Z", "number": "2", "summary": "Official Publication" } ], "status": "final", "version": "2" }, "title": "Security update on CVE-2025-69420" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Oracle Linux 7", "product": { "name": "Oracle Linux 7", "product_id": "Oracle-Linux-7", "product_identification_helper": { "cpe": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "Oracle Linux" }, { "branches": [ { "category": "product_version", "name": "openssl-1:1.0.2k-26.el7_9.x86_64", "product": { "name": "openssl-1:1.0.2k-26.el7_9.x86_64", "product_id": "openssl-1:1.0.2k-26.el7_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/oracle/openssl@1.0.2k-26.el7_9?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-devel-1:1.0.2k-26.el7_9.x86_64", "product": { "name": "openssl-devel-1:1.0.2k-26.el7_9.x86_64", "product_id": "openssl-devel-1:1.0.2k-26.el7_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/oracle/openssl-devel@1.0.2k-26.el7_9?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-1:1.0.2k-26.el7_9.x86_64", "product": { "name": "openssl-libs-1:1.0.2k-26.el7_9.x86_64", "product_id": "openssl-libs-1:1.0.2k-26.el7_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/oracle/openssl-libs@1.0.2k-26.el7_9?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-perl-1:1.0.2k-26.el7_9.x86_64", "product": { "name": "openssl-perl-1:1.0.2k-26.el7_9.x86_64", "product_id": "openssl-perl-1:1.0.2k-26.el7_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/oracle/openssl-perl@1.0.2k-26.el7_9?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-static-1:1.0.2k-26.el7_9.x86_64", "product": { "name": "openssl-static-1:1.0.2k-26.el7_9.x86_64", "product_id": "openssl-static-1:1.0.2k-26.el7_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/oracle/openssl-static@1.0.2k-26.el7_9?arch=x86_64&epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "openssl-devel-1:1.0.2k-26.el7_9.i686", "product": { "name": "openssl-devel-1:1.0.2k-26.el7_9.i686", "product_id": "openssl-devel-1:1.0.2k-26.el7_9.i686", "product_identification_helper": { "purl": "pkg:rpm/oracle/openssl-devel@1.0.2k-26.el7_9?arch=i686&epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-1:1.0.2k-26.el7_9.i686", "product": { "name": "openssl-libs-1:1.0.2k-26.el7_9.i686", "product_id": "openssl-libs-1:1.0.2k-26.el7_9.i686", "product_identification_helper": { "purl": "pkg:rpm/oracle/openssl-libs@1.0.2k-26.el7_9?arch=i686&epoch=1" } } }, { "category": "product_version", "name": "openssl-static-1:1.0.2k-26.el7_9.i686", "product": { "name": "openssl-static-1:1.0.2k-26.el7_9.i686", "product_id": "openssl-static-1:1.0.2k-26.el7_9.i686", "product_identification_helper": { "purl": "pkg:rpm/oracle/openssl-static@1.0.2k-26.el7_9?arch=i686&epoch=1" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "Oracle Corporation" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product": { "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product_id": "openssl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl@1.0.2k-26.el7_9.tuxcare.els6?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product": { "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product_id": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-devel@1.0.2k-26.el7_9.tuxcare.els6?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product": { "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product_id": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-libs@1.0.2k-26.el7_9.tuxcare.els6?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product": { "name": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product_id": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-perl@1.0.2k-26.el7_9.tuxcare.els6?arch=x86_64&epoch=1" } } }, { "category": "product_version", "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product": { "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product_id": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-static@1.0.2k-26.el7_9.tuxcare.els6?arch=x86_64&epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "product": { "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "product_id": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-devel@1.0.2k-26.el7_9.tuxcare.els6?arch=i686&epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "product": { "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "product_id": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-libs@1.0.2k-26.el7_9.tuxcare.els6?arch=i686&epoch=1" } } }, { "category": "product_version", "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "product": { "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "product_id": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/openssl-static@1.0.2k-26.el7_9.tuxcare.els6?arch=i686&epoch=1" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "TuxCare" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openssl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64" }, "product_reference": "openssl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-1:1.0.2k-26.el7_9.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:openssl-1:1.0.2k-26.el7_9.x86_64" }, "product_reference": "openssl-1:1.0.2k-26.el7_9.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.i686 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.i686" }, "product_reference": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-1:1.0.2k-26.el7_9.i686 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:openssl-devel-1:1.0.2k-26.el7_9.i686" }, "product_reference": "openssl-devel-1:1.0.2k-26.el7_9.i686", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64" }, "product_reference": "openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-1:1.0.2k-26.el7_9.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:openssl-devel-1:1.0.2k-26.el7_9.x86_64" }, "product_reference": "openssl-devel-1:1.0.2k-26.el7_9.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.i686 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.i686" }, "product_reference": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-1:1.0.2k-26.el7_9.i686 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:openssl-libs-1:1.0.2k-26.el7_9.i686" }, "product_reference": "openssl-libs-1:1.0.2k-26.el7_9.i686", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64" }, "product_reference": "openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-1:1.0.2k-26.el7_9.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:openssl-libs-1:1.0.2k-26.el7_9.x86_64" }, "product_reference": "openssl-libs-1:1.0.2k-26.el7_9.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64" }, "product_reference": "openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-1:1.0.2k-26.el7_9.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:openssl-perl-1:1.0.2k-26.el7_9.x86_64" }, "product_reference": "openssl-perl-1:1.0.2k-26.el7_9.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.i686 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.i686" }, "product_reference": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-1:1.0.2k-26.el7_9.i686 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:openssl-static-1:1.0.2k-26.el7_9.i686" }, "product_reference": "openssl-static-1:1.0.2k-26.el7_9.i686", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64" }, "product_reference": "openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-static-1:1.0.2k-26.el7_9.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:openssl-static-1:1.0.2k-26.el7_9.x86_64" }, "product_reference": "openssl-static-1:1.0.2k-26.el7_9.x86_64", "relates_to_product_reference": "Oracle-Linux-7" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-69420", "cwe": { "id": "CWE-843", "name": "Access of Resource Using Incompatible Type ('Type Confusion')" }, "notes": [ { "category": "description", "text": "Issue summary: A type confusion vulnerability exists in the TimeStamp Response\nverification code where an ASN1_TYPE union member is accessed without first\nvalidating the type, causing an invalid or NULL pointer dereference when\nprocessing a malformed TimeStamp Response file.\nImpact summary: An application calling TS_RESP_verify_response() with a\nmalformed TimeStamp Response can be caused to dereference an invalid or\nNULL pointer when reading, resulting in a Denial of Service.\nThe functions ossl_ess_get_signing_cert() and ossl_ess_get_signing_cert_v2()\naccess the signing cert attribute value without validating its type.\nWhen the type is not V_ASN1_SEQUENCE, this results in accessing invalid memory\nthrough the ASN1_TYPE union, causing a crash.\nExploiting this vulnerability requires an attacker to provide a malformed\nTimeStamp Response to an application that verifies timestamp responses. The\nTimeStamp protocol (RFC 3161) is not widely used and the impact of the\nexploit is just a Denial of Service. For these reasons the issue was\nassessed as Low severity.\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the TimeStamp Response implementation is outside the OpenSSL FIPS module\nboundary.\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\nOpenSSL 1.0.2 is not affected by this issue.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "known_affected": [ "Oracle-Linux-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "Oracle-Linux-7:openssl-1:1.0.2k-26.el7_9.x86_64", "Oracle-Linux-7:openssl-devel-1:1.0.2k-26.el7_9.i686", "Oracle-Linux-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "Oracle-Linux-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "Oracle-Linux-7:openssl-devel-1:1.0.2k-26.el7_9.x86_64", "Oracle-Linux-7:openssl-libs-1:1.0.2k-26.el7_9.i686", "Oracle-Linux-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "Oracle-Linux-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "Oracle-Linux-7:openssl-libs-1:1.0.2k-26.el7_9.x86_64", "Oracle-Linux-7:openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "Oracle-Linux-7:openssl-perl-1:1.0.2k-26.el7_9.x86_64", "Oracle-Linux-7:openssl-static-1:1.0.2k-26.el7_9.i686", "Oracle-Linux-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "Oracle-Linux-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "Oracle-Linux-7:openssl-static-1:1.0.2k-26.el7_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-69420" } ], "release_date": "2026-01-27T00:00:00Z", "remediations": [ { "category": "no_fix_planned", "details": "- The flaw is confined to the RFC 3161 TimeStamp Response verification path (TS_RESP_verify_response) and only causes a NULL/invalid pointer dereference, resulting in a process crash with no confidentiality or integrity impact. \n- Exploitation requires an attacker-supplied TimeStamp Response and software that explicitly performs timestamp verification; common OpenSSL uses such as TLS handshakes do not reach this code path. \n- OpenSSL FIPS modules are outside the affected boundary, so given the DoS-only impact and specialized trigger conditions, this can be deprioritized in enterprise VM/server deployments.", "product_ids": [ "Oracle-Linux-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "Oracle-Linux-7:openssl-1:1.0.2k-26.el7_9.x86_64", "Oracle-Linux-7:openssl-devel-1:1.0.2k-26.el7_9.i686", "Oracle-Linux-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "Oracle-Linux-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "Oracle-Linux-7:openssl-devel-1:1.0.2k-26.el7_9.x86_64", "Oracle-Linux-7:openssl-libs-1:1.0.2k-26.el7_9.i686", "Oracle-Linux-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "Oracle-Linux-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "Oracle-Linux-7:openssl-libs-1:1.0.2k-26.el7_9.x86_64", "Oracle-Linux-7:openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "Oracle-Linux-7:openssl-perl-1:1.0.2k-26.el7_9.x86_64", "Oracle-Linux-7:openssl-static-1:1.0.2k-26.el7_9.i686", "Oracle-Linux-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "Oracle-Linux-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "Oracle-Linux-7:openssl-static-1:1.0.2k-26.el7_9.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-7:openssl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "Oracle-Linux-7:openssl-1:1.0.2k-26.el7_9.x86_64", "Oracle-Linux-7:openssl-devel-1:1.0.2k-26.el7_9.i686", "Oracle-Linux-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "Oracle-Linux-7:openssl-devel-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "Oracle-Linux-7:openssl-devel-1:1.0.2k-26.el7_9.x86_64", "Oracle-Linux-7:openssl-libs-1:1.0.2k-26.el7_9.i686", "Oracle-Linux-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "Oracle-Linux-7:openssl-libs-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "Oracle-Linux-7:openssl-libs-1:1.0.2k-26.el7_9.x86_64", "Oracle-Linux-7:openssl-perl-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "Oracle-Linux-7:openssl-perl-1:1.0.2k-26.el7_9.x86_64", "Oracle-Linux-7:openssl-static-1:1.0.2k-26.el7_9.i686", "Oracle-Linux-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.i686", "Oracle-Linux-7:openssl-static-1:1.0.2k-26.el7_9.tuxcare.els6.x86_64", "Oracle-Linux-7:openssl-static-1:1.0.2k-26.el7_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] } ] }