Red Hat: CVE-2025-15469: openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:C/A:N) | Jan 27, 2026 | Jan 29, 2026 | Jan 29, 2026 |
Description
A flaw was found in openssl. When a user signs or verifies files larger than 16MB using the `openssl dgst` command with one-shot algorithms, the tool silently truncates the input to 16MB. This creates an integrity gap, allowing trailing data beyond the initial 16MB to be modified without detection because it remains unauthenticated. This vulnerability primarily impacts workflows that both sign and verify files using the affected `openssl dgst` command.
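The integrity gap described above, modelled as an added example (not code from OpenSSL or Red Hat). HMAC-SHA256 stands in for a one-shot signature algorithm, "16MB" is assumed to mean 16 MiB, and the function names `tag`, `verify`, `uncovered_bytes` and `audit` are hypothetical.

```python
import hashlib
import hmac
import os

# Assumption: the advisory's "16MB" is read as 16 MiB (16 * 1024 * 1024 bytes).
LIMIT = 16 * 1024 * 1024


def tag(key, data, limit=None):
    """HMAC-SHA256 as a stand-in for a one-shot signature (not OpenSSL code).

    With `limit` set, only the first `limit` bytes are covered, modelling
    the silent truncation described in the advisory.
    """
    covered = data if limit is None else data[:limit]
    return hmac.new(key, covered, hashlib.sha256).digest()


def verify(key, data, sig, limit=None):
    """Recompute the tag the same way and compare in constant time."""
    return hmac.compare_digest(tag(key, data, limit), sig)


def uncovered_bytes(size, limit=LIMIT):
    """Number of trailing bytes a truncating signer would leave unauthenticated."""
    return max(0, size - limit)


def audit(root, limit=LIMIT):
    """List (path, uncovered_bytes) for files under `root` larger than the limit."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            gap = uncovered_bytes(os.path.getsize(path), limit)
            if gap:
                findings.append((path, gap))
    return sorted(findings)


if __name__ == "__main__":
    key = b"constructed-demo-key"                 # constructed sample values
    original = b"A" * LIMIT + b"trailer-v1"
    tampered = b"A" * LIMIT + b"trailer-XX"
    sig = tag(key, original, LIMIT)               # signer that truncates
    print("truncating verifier accepts tampered tail:", verify(key, tampered, sig, LIMIT))
    print("full-input verifier accepts tampered tail:", verify(key, tampered, tag(key, original)))
    print("files over the limit under '.':", audit("."))
```

Files reported by `audit` are the ones whose existing signatures are worth re-checking once the upgraded packages listed under Solutions are installed.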
Solutions
- redhat-upgrade-openssl
- redhat-upgrade-openssl-debuginfo
- redhat-upgrade-openssl-debugsource
- redhat-upgrade-openssl-devel
- redhat-upgrade-openssl-libs
- redhat-upgrade-openssl-libs-debuginfo
- redhat-upgrade-openssl-perl