Vulnerabilities

 54 via 54 paths

Dependencies

 108

Source

 Group 6 Copy Created with Sketch. Docker

Target OS

 oracle:7
Test your Docker Hub image against our market leading vulnerability database Sign up for free
Severity
  • 40
  • 14
Status
  • 54
  • 0
  • 0

high severity

CVE-2024-56171

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1-6.0.3.el7_9.6
  • Fixed in: 0:2.9.1-6.0.5.el7_9.6

Detailed paths

  • Introduced through: oraclelinux@7-slim libxml2@2.9.1-6.0.3.el7_9.6

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.

Remediation

Upgrade Oracle:7 libxml2 to version 0:2.9.1-6.0.5.el7_9.6 or higher.
This issue was patched in ELSA-2025-2673.

References

CVE-2024-56171 vulnerability report

high severity

CVE-2024-56171

  • Vulnerable module: libxml2-python
  • Introduced through: libxml2-python@2.9.1-6.0.3.el7_9.6
  • Fixed in: 0:2.9.1-6.0.5.el7_9.6

Detailed paths

  • Introduced through: oraclelinux@7-slim libxml2-python@2.9.1-6.0.3.el7_9.6

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2-python package and not the libxml2-python package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.

Remediation

Upgrade Oracle:7 libxml2-python to version 0:2.9.1-6.0.5.el7_9.6 or higher.
This issue was patched in ELSA-2025-2673.

References

CVE-2024-56171 vulnerability report

high severity

Integer Overflow or Wraparound

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.1e-51.ksplice1.el7_2.7

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl-libs package and not the openssl-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.1e-51.ksplice1.el7_2.7 or higher.
This issue was patched in ELSA-2016-3621.

References

Integer Overflow or Wraparound vulnerability report

high severity

Out-of-Bounds

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.1e-51.ksplice1.el7_2.5

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl-libs package and not the openssl-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.1e-51.ksplice1.el7_2.5 or higher.
This issue was patched in ELSA-2016-3556.

References

Out-of-Bounds vulnerability report

high severity

Out-of-Bounds

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.1e-51.ksplice1.el7_2.5

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl-libs package and not the openssl-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g improperly calculates string lengths, which allows remote attackers to cause a denial of service (overflow and out-of-bounds read) or possibly have unspecified other impact via a long string, as demonstrated by a large amount of ASN.1 data, a different vulnerability than CVE-2016-2842.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.1e-51.ksplice1.el7_2.5 or higher.
This issue was patched in ELSA-2016-3556.

References

Out-of-Bounds vulnerability report

high severity

Out-of-Bounds

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.1e-51.ksplice1.el7_2.5

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl-libs package and not the openssl-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not verify that a certain memory allocation succeeds, which allows remote attackers to cause a denial of service (out-of-bounds write or memory consumption) or possibly have unspecified other impact via a long string, as demonstrated by a large amount of ASN.1 data, a different vulnerability than CVE-2016-0799.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.1e-51.ksplice1.el7_2.5 or higher.
This issue was patched in ELSA-2016-3556.

References

Out-of-Bounds vulnerability report

high severity

Out-of-bounds Write

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.1e-51.ksplice1.el7_2.7

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl-libs package and not the openssl-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.1e-51.ksplice1.el7_2.7 or higher.
This issue was patched in ELSA-2016-3621.

References

Out-of-bounds Write vulnerability report

high severity

CVE-2025-6965

  • Vulnerable module: sqlite
  • Introduced through: sqlite@3.7.17-8.el7_7.1
  • Fixed in: 0:3.7.17-8.0.1.el7_9.1

Detailed paths

  • Introduced through: oraclelinux@7-slim sqlite@3.7.17-8.el7_7.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream sqlite package and not the sqlite package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.

Remediation

Upgrade Oracle:7 sqlite to version 0:3.7.17-8.0.1.el7_9.1 or higher.
This issue was patched in ELSA-2025-12349.

References

CVE-2025-6965 vulnerability report

high severity

Expired Pointer Dereference

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1-6.0.3.el7_9.6
  • Fixed in: 0:2.9.1-6.0.7.el7_9.6

Detailed paths

  • Introduced through: oraclelinux@7-slim libxml2@2.9.1-6.0.3.el7_9.6

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors.

Remediation

Upgrade Oracle:7 libxml2 to version 0:2.9.1-6.0.7.el7_9.6 or higher.
This issue was patched in ELSA-2025-12240.

References

Expired Pointer Dereference vulnerability report

high severity

Out-of-bounds Read

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1-6.0.3.el7_9.6
  • Fixed in: 0:2.9.1-6.0.7.el7_9.6

Detailed paths

  • Introduced through: oraclelinux@7-slim libxml2@2.9.1-6.0.3.el7_9.6

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.

Remediation

Upgrade Oracle:7 libxml2 to version 0:2.9.1-6.0.7.el7_9.6 or higher.
This issue was patched in ELSA-2025-12240.

References

Out-of-bounds Read vulnerability report

high severity

Expired Pointer Dereference

  • Vulnerable module: libxml2-python
  • Introduced through: libxml2-python@2.9.1-6.0.3.el7_9.6
  • Fixed in: 0:2.9.1-6.0.7.el7_9.6

Detailed paths

  • Introduced through: oraclelinux@7-slim libxml2-python@2.9.1-6.0.3.el7_9.6

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2-python package and not the libxml2-python package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors.

Remediation

Upgrade Oracle:7 libxml2-python to version 0:2.9.1-6.0.7.el7_9.6 or higher.
This issue was patched in ELSA-2025-12240.

References

Expired Pointer Dereference vulnerability report

high severity

Out-of-bounds Read

  • Vulnerable module: libxml2-python
  • Introduced through: libxml2-python@2.9.1-6.0.3.el7_9.6
  • Fixed in: 0:2.9.1-6.0.7.el7_9.6

Detailed paths

  • Introduced through: oraclelinux@7-slim libxml2-python@2.9.1-6.0.3.el7_9.6

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2-python package and not the libxml2-python package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.

Remediation

Upgrade Oracle:7 libxml2-python to version 0:2.9.1-6.0.7.el7_9.6 or higher.
This issue was patched in ELSA-2025-12240.

References

Out-of-bounds Read vulnerability report

high severity

CVE-2016-9840

  • Vulnerable module: zlib
  • Introduced through: zlib@1.2.7-21.el7_9
  • Fixed in: 0:1.2.7-21.0.1.el7_9

Detailed paths

  • Introduced through: oraclelinux@7-slim zlib@1.2.7-21.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream zlib package and not the zlib package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

Remediation

Upgrade Oracle:7 zlib to version 0:1.2.7-21.0.1.el7_9 or higher.
This issue was patched in ELSA-2025-8314.

References

CVE-2016-9840 vulnerability report

high severity

Use After Free

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1-6.0.3.el7_9.6
  • Fixed in: 0:2.9.1-6.0.9.el7_9.6

Detailed paths

  • Introduced through: oraclelinux@7-slim libxml2@2.9.1-6.0.3.el7_9.6

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.

Remediation

Upgrade Oracle:7 libxml2 to version 0:2.9.1-6.0.9.el7_9.6 or higher.
This issue was patched in ELSA-2025-13464.

References

Use After Free vulnerability report

high severity

Use After Free

  • Vulnerable module: libxml2-python
  • Introduced through: libxml2-python@2.9.1-6.0.3.el7_9.6
  • Fixed in: 0:2.9.1-6.0.9.el7_9.6

Detailed paths

  • Introduced through: oraclelinux@7-slim libxml2-python@2.9.1-6.0.3.el7_9.6

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2-python package and not the libxml2-python package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.

Remediation

Upgrade Oracle:7 libxml2-python to version 0:2.9.1-6.0.9.el7_9.6 or higher.
This issue was patched in ELSA-2025-13464.

References

Use After Free vulnerability report

high severity

CVE-2025-24928

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1-6.0.3.el7_9.6
  • Fixed in: 0:2.9.1-6.0.5.el7_9.6

Detailed paths

  • Introduced through: oraclelinux@7-slim libxml2@2.9.1-6.0.3.el7_9.6

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047.

Remediation

Upgrade Oracle:7 libxml2 to version 0:2.9.1-6.0.5.el7_9.6 or higher.
This issue was patched in ELSA-2025-2673.

References

CVE-2025-24928 vulnerability report

high severity

CVE-2025-24928

  • Vulnerable module: libxml2-python
  • Introduced through: libxml2-python@2.9.1-6.0.3.el7_9.6
  • Fixed in: 0:2.9.1-6.0.5.el7_9.6

Detailed paths

  • Introduced through: oraclelinux@7-slim libxml2-python@2.9.1-6.0.3.el7_9.6

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2-python package and not the libxml2-python package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047.

Remediation

Upgrade Oracle:7 libxml2-python to version 0:2.9.1-6.0.5.el7_9.6 or higher.
This issue was patched in ELSA-2025-2673.

References

CVE-2025-24928 vulnerability report

high severity

Out-of-bounds Write

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1-6.0.3.el7_9.6
  • Fixed in: 0:2.9.1-6.0.7.el7_9.6

Detailed paths

  • Introduced through: oraclelinux@7-slim libxml2@2.9.1-6.0.3.el7_9.6

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.

Remediation

Upgrade Oracle:7 libxml2 to version 0:2.9.1-6.0.7.el7_9.6 or higher.
This issue was patched in ELSA-2025-12240.

References

Out-of-bounds Write vulnerability report

high severity

Unchecked Return Value

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1-6.0.3.el7_9.6
  • Fixed in: 0:2.9.1-6.0.7.el7_9.6

Detailed paths

  • Introduced through: oraclelinux@7-slim libxml2@2.9.1-6.0.3.el7_9.6

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.

Remediation

Upgrade Oracle:7 libxml2 to version 0:2.9.1-6.0.7.el7_9.6 or higher.
This issue was patched in ELSA-2025-12240.

References

Unchecked Return Value vulnerability report

high severity

Out-of-bounds Write

  • Vulnerable module: libxml2-python
  • Introduced through: libxml2-python@2.9.1-6.0.3.el7_9.6
  • Fixed in: 0:2.9.1-6.0.7.el7_9.6

Detailed paths

  • Introduced through: oraclelinux@7-slim libxml2-python@2.9.1-6.0.3.el7_9.6

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2-python package and not the libxml2-python package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.

Remediation

Upgrade Oracle:7 libxml2-python to version 0:2.9.1-6.0.7.el7_9.6 or higher.
This issue was patched in ELSA-2025-12240.

References

Out-of-bounds Write vulnerability report

high severity

Unchecked Return Value

  • Vulnerable module: libxml2-python
  • Introduced through: libxml2-python@2.9.1-6.0.3.el7_9.6
  • Fixed in: 0:2.9.1-6.0.7.el7_9.6

Detailed paths

  • Introduced through: oraclelinux@7-slim libxml2-python@2.9.1-6.0.3.el7_9.6

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2-python package and not the libxml2-python package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.

Remediation

Upgrade Oracle:7 libxml2-python to version 0:2.9.1-6.0.7.el7_9.6 or higher.
This issue was patched in ELSA-2025-12240.

References

Unchecked Return Value vulnerability report

high severity

Improper Input Validation

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.1e-51.ksplice1.el7_2.7

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl-libs package and not the openssl-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.1e-51.ksplice1.el7_2.7 or higher.
This issue was patched in ELSA-2016-3621.

References

Improper Input Validation vulnerability report

high severity

Integer Overflow or Wraparound

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.1e-51.ksplice1.el7_2.5

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl-libs package and not the openssl-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.1e-51.ksplice1.el7_2.5 or higher.
This issue was patched in ELSA-2016-3556.

References

Integer Overflow or Wraparound vulnerability report

high severity

Integer Overflow or Wraparound

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 10:1.0.2k-22.el7_9_fips

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl-libs package and not the openssl-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).

Remediation

Upgrade Oracle:7 openssl-libs to version 10:1.0.2k-22.el7_9_fips or higher.
This issue was patched in ELSA-2021-9528.

References

Integer Overflow or Wraparound vulnerability report

high severity

Memory Leak

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.1e-51.ksplice1.el7_2.7

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl-libs package and not the openssl-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.1e-51.ksplice1.el7_2.7 or higher.
This issue was patched in ELSA-2016-3621.

References

Memory Leak vulnerability report

high severity

Numeric Errors

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.1e-51.ksplice1.el7_2.7

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl-libs package and not the openssl-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service (false-positive packet drops) via spoofed DTLS records, related to rec_layer_d1.c and ssl3_record.c.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.1e-51.ksplice1.el7_2.7 or higher.
This issue was patched in ELSA-2016-3621.

References

Numeric Errors vulnerability report

high severity

Numeric Errors

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.1e-51.ksplice1.el7_2.5

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl-libs package and not the openssl-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.1e-51.ksplice1.el7_2.5 or higher.
This issue was patched in ELSA-2016-3556.

References

Numeric Errors vulnerability report

high severity

Out-of-bounds Read

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.1e-51.ksplice1.el7_2.7

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl-libs package and not the openssl-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted time-stamp file that is mishandled by the "openssl ts" command.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.1e-51.ksplice1.el7_2.7 or higher.
This issue was patched in ELSA-2016-3621.

References

Out-of-bounds Read vulnerability report

high severity

Resource Management Errors

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.1e-51.ksplice1.el7_2.5

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl-libs package and not the openssl-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (memory consumption) via a short invalid encoding.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.1e-51.ksplice1.el7_2.5 or higher.
This issue was patched in ELSA-2016-3556.

References

Resource Management Errors vulnerability report

high severity

Resource Management Errors

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.1e-51.ksplice1.el7_2.7

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl-libs package and not the openssl-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.1e-51.ksplice1.el7_2.7 or higher.
This issue was patched in ELSA-2016-3621.

References

Resource Management Errors vulnerability report

high severity

Out-of-bounds Write

  • Vulnerable module: gnupg2
  • Introduced through: gnupg2@2.0.22-5.el7_5
  • Fixed in: 0:2.0.22-5.0.1.el7_5

Detailed paths

  • Introduced through: oraclelinux@7-slim gnupg2@2.0.22-5.el7_5

NVD Description

Note: Versions mentioned in the description apply only to the upstream gnupg2 package and not the gnupg2 package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)

Remediation

Upgrade Oracle:7 gnupg2 to version 0:2.0.22-5.0.1.el7_5 or higher.
This issue was patched in ELSA-2026-1677.

References

Out-of-bounds Write vulnerability report

high severity

Information Exposure

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.1e-51.ksplice1.el7_2.5

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl-libs package and not the openssl-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.1e-51.ksplice1.el7_2.5 or higher.
This issue was patched in ELSA-2016-3556.

References

Information Exposure vulnerability report

high severity

NULL Pointer Dereference

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 10:1.0.2k-22.el7_9_fips

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl-libs package and not the openssl-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).

Remediation

Upgrade Oracle:7 openssl-libs to version 10:1.0.2k-22.el7_9_fips or higher.
This issue was patched in ELSA-2021-9528.

References

NULL Pointer Dereference vulnerability report

high severity

Out-of-bounds Read

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.1e-51.ksplice1.el7_2.7

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl-libs package and not the openssl-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.1e-51.ksplice1.el7_2.7 or higher.
This issue was patched in ELSA-2016-3621.

References

Out-of-bounds Read vulnerability report

high severity

Information Exposure

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.1e-51.ksplice1.el7_2.7

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl-libs package and not the openssl-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.1e-51.ksplice1.el7_2.7 or higher.
This issue was patched in ELSA-2016-3621.

References

Information Exposure vulnerability report

high severity

ELSA-2016-3523

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.1e-51.ksplice1.el7_2.4

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

This vulnerability has not been analyzed by NVD yet.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.1e-51.ksplice1.el7_2.4 or higher.
This issue was patched in ELSA-2016-3523.

References

ELSA-2016-3523 vulnerability report

high severity

ELSA-2018-4077

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.2k-12.0.1.ksplice1.el7

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

This vulnerability has not been analyzed by NVD yet.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.2k-12.0.1.ksplice1.el7 or higher.
This issue was patched in ELSA-2018-4077.

References

ELSA-2018-4077 vulnerability report

high severity

ELSA-2018-4253

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.2k-12.0.3.ksplice1.el7

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

This vulnerability has not been analyzed by NVD yet.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.2k-12.0.3.ksplice1.el7 or higher.
This issue was patched in ELSA-2018-4253.

References

ELSA-2018-4253 vulnerability report

high severity

ELSA-2018-4267

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.2k-16.0.1.ksplice1.el7

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

This vulnerability has not been analyzed by NVD yet.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.2k-16.0.1.ksplice1.el7 or higher.
This issue was patched in ELSA-2018-4267.

References

ELSA-2018-4267 vulnerability report

high severity

ELSA-2019-4581

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.2k-16.0.1.ksplice1.el7_6.1

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

This vulnerability has not been analyzed by NVD yet.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.2k-16.0.1.ksplice1.el7_6.1 or higher.
This issue was patched in ELSA-2019-4581.

References

ELSA-2019-4581 vulnerability report

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: glib2
  • Introduced through: glib2@2.56.1-9.el7_9
  • Fixed in: 0:2.56.1-9.0.3.el7_9

Detailed paths

  • Introduced through: oraclelinux@7-slim glib2@2.56.1-9.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream glib2 package and not the glib2 package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.

Remediation

Upgrade Oracle:7 glib2 to version 0:2.56.1-9.0.3.el7_9 or higher.
This issue was patched in ELSA-2026-1608.

References

Integer Overflow or Wraparound vulnerability report

medium severity

Out-of-bounds Read

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1-6.0.3.el7_9.6
  • Fixed in: 0:2.9.1-6.0.11.el7_9.6

Detailed paths

  • Introduced through: oraclelinux@7-slim libxml2@2.9.1-6.0.3.el7_9.6

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.

Remediation

Upgrade Oracle:7 libxml2 to version 0:2.9.1-6.0.11.el7_9.6 or higher.
This issue was patched in ELSA-2025-13789.

References

Out-of-bounds Read vulnerability report

medium severity

Out-of-bounds Read

  • Vulnerable module: libxml2-python
  • Introduced through: libxml2-python@2.9.1-6.0.3.el7_9.6
  • Fixed in: 0:2.9.1-6.0.11.el7_9.6

Detailed paths

  • Introduced through: oraclelinux@7-slim libxml2-python@2.9.1-6.0.3.el7_9.6

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2-python package and not the libxml2-python package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.

Remediation

Upgrade Oracle:7 libxml2-python to version 0:2.9.1-6.0.11.el7_9.6 or higher.
This issue was patched in ELSA-2025-13789.

References

Out-of-bounds Read vulnerability report

medium severity

Out-of-bounds Read

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 10:1.0.2k-23.0.1.el7_9_fips

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl-libs package and not the openssl-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).

Remediation

Upgrade Oracle:7 openssl-libs to version 10:1.0.2k-23.0.1.el7_9_fips or higher.
This issue was patched in ELSA-2022-9023.

References

Out-of-bounds Read vulnerability report

medium severity

Cross-site Scripting (XSS)

  • Vulnerable module: libgcc
  • Introduced through: libgcc@4.8.5-44.0.3.el7
  • Fixed in: 0:4.8.5-45.0.1.el7_9

Detailed paths

  • Introduced through: oraclelinux@7-slim libgcc@4.8.5-44.0.3.el7

NVD Description

Note: Versions mentioned in the description apply only to the upstream libgcc package and not the libgcc package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Remediation

Upgrade Oracle:7 libgcc to version 0:4.8.5-45.0.1.el7_9 or higher.
This issue was patched in ELSA-2025-1601.

References

Cross-site Scripting (XSS) vulnerability report

medium severity

Cross-site Scripting (XSS)

  • Vulnerable module: libstdc++
  • Introduced through: libstdc++@4.8.5-44.0.3.el7
  • Fixed in: 0:4.8.5-45.0.1.el7_9

Detailed paths

  • Introduced through: oraclelinux@7-slim libstdc++@4.8.5-44.0.3.el7

NVD Description

Note: Versions mentioned in the description apply only to the upstream libstdc++ package and not the libstdc++ package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Remediation

Upgrade Oracle:7 libstdc++ to version 0:4.8.5-45.0.1.el7_9 or higher.
This issue was patched in ELSA-2025-1601.

References

Cross-site Scripting (XSS) vulnerability report

medium severity

CVE-2025-12084

  • Vulnerable module: python
  • Introduced through: python@2.7.5-94.0.1.el7_9
  • Fixed in: 0:2.7.5-94.0.3.el7_9

Detailed paths

  • Introduced through: oraclelinux@7-slim python@2.7.5-94.0.1.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream python package and not the python package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.

Remediation

Upgrade Oracle:7 python to version 0:2.7.5-94.0.3.el7_9 or higher.
This issue was patched in ELSA-2026-1537.

References

CVE-2025-12084 vulnerability report

medium severity

CVE-2025-12084

  • Vulnerable module: python-libs
  • Introduced through: python-libs@2.7.5-94.0.1.el7_9
  • Fixed in: 0:2.7.5-94.0.3.el7_9

Detailed paths

  • Introduced through: oraclelinux@7-slim python-libs@2.7.5-94.0.1.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream python-libs package and not the python-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents.

Remediation

Upgrade Oracle:7 python-libs to version 0:2.7.5-94.0.3.el7_9 or higher.
This issue was patched in ELSA-2026-1537.

References

CVE-2025-12084 vulnerability report

medium severity

CVE-2025-4802

  • Vulnerable module: glibc
  • Introduced through: glibc@2.17-326.0.9.el7_9.3
  • Fixed in: 2:2.17-326.0.11.ksplice1.el7_9.3

Detailed paths

  • Introduced through: oraclelinux@7-slim glibc@2.17-326.0.9.el7_9.3

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).

Remediation

Upgrade Oracle:7 glibc to version 2:2.17-326.0.11.ksplice1.el7_9.3 or higher.
This issue was patched in ELSA-2025-20596.

References

CVE-2025-4802 vulnerability report

medium severity

CVE-2025-4802

  • Vulnerable module: glibc-common
  • Introduced through: glibc-common@2.17-326.0.9.el7_9.3
  • Fixed in: 2:2.17-326.0.11.ksplice1.el7_9.3

Detailed paths

  • Introduced through: oraclelinux@7-slim glibc-common@2.17-326.0.9.el7_9.3

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc-common package and not the glibc-common package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).

Remediation

Upgrade Oracle:7 glibc-common to version 2:2.17-326.0.11.ksplice1.el7_9.3 or higher.
This issue was patched in ELSA-2025-20596.

References

CVE-2025-4802 vulnerability report

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: krb5-libs
  • Introduced through: krb5-libs@1.15.1-55.0.7.el7_9
  • Fixed in: 0:1.15.1-55.0.9.el7_9

Detailed paths

  • Introduced through: oraclelinux@7-slim krb5-libs@1.15.1-55.0.7.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream krb5-libs package and not the krb5-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.

Remediation

Upgrade Oracle:7 krb5-libs to version 0:1.15.1-55.0.9.el7_9 or higher.
This issue was patched in ELSA-2025-1352.

References

Integer Overflow or Wraparound vulnerability report

medium severity

CVE-2025-9230

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 10:1.0.2k-26.0.1.el7_9_fips

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl-libs package and not the openssl-libs package as distributed by Oracle. See How to fix? for Oracle:7 relevant fixed versions and status.

Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write.

Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service or Execution of attacker-supplied code.

Although the consequences of a successful exploit of this vulnerability could be severe, the probability that the attacker would be able to perform it is low. Besides, password based (PWRI) encryption support in CMS messages is very rarely used. For that reason the issue was assessed as Moderate severity according to our Security Policy.

The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary.

Remediation

Upgrade Oracle:7 openssl-libs to version 10:1.0.2k-26.0.1.el7_9_fips or higher.
This issue was patched in ELSA-2026-50114.

References

CVE-2025-9230 vulnerability report

medium severity

ELSA-2017-3518

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.1e-60.ksplice1.el7_3.1

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

This vulnerability has not been analyzed by NVD yet.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.1e-60.ksplice1.el7_3.1 or higher.
This issue was patched in ELSA-2017-3518.

References

ELSA-2017-3518 vulnerability report

medium severity

ELSA-2019-4754

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-26.el7_9
  • Fixed in: 2:1.0.2k-19.0.1.ksplice1.el7

Detailed paths

  • Introduced through: oraclelinux@7-slim openssl-libs@1:1.0.2k-26.el7_9

NVD Description

This vulnerability has not been analyzed by NVD yet.

Remediation

Upgrade Oracle:7 openssl-libs to version 2:1.0.2k-19.0.1.ksplice1.el7 or higher.
This issue was patched in ELSA-2019-4754.

References

ELSA-2019-4754 vulnerability report