CVE-2025-3416

Published Apr 8, 2025

Last updated 2 months ago

CVSS low 3.7

Overview

Description
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string.
Source
secalert@redhat.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Primary
Base score
3.7
Impact score
1.4
Exploitability score
2.2
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Severity
LOW

Weaknesses

secalert@redhat.com
CWE-416

Social media

Hype score
Not currently trending

  1. 🚨 CVE-2025-3416 Alert: Patch #python-cryptography NOW if you use: ✅ #SUSE Linux Enterprise 15 SP6 ✅ openSUSE Leap 15.6 ✅ Python 3 Module 15-SP6 CVSS 6.3/3.7 – OpenSSL use-after-free fix. Details: Read more: 👉 https://t.co/4BJQ0f635X #DevSecOps #SUSE ht

    @Cezar_H_Linux

    23 May 2025

    29 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🔐 Critical Security Alert: Python-Maturin update patches CVE-2025-3416 (OpenSSL flaw) & CVE-2025-4574 (memory corruption). 🔗 Patch guide:Read more: 👉https://t.co/4tZUtayGL4 #InfoSec #DevOps #SUSE https://t.co/BZRagfKFkk

    @Cezar_H_Linux

    20 May 2025

    36 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨 Patch NOW! 🚨 #openSUSE Leap 15.4 has a critical rustup flaw (CVE-2025-3416) – a use-after-free bug in OpenSSL. Fix: bash zypper in -t patch SUSE-2025-1560=1 Read more: 👉 https://t.co/MvoOjepD7Q #Linux #CyberSecurity #RustLang https://t.co/

    @Cezar_H_Linux

    18 May 2025

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 📢 Patch Alert: CVE-2025-3416 in cargo-c (rust-openssl) affects #openSUSE Leap 15.6. Low severity, but update now! ▶ zypper in -t patch SUSE-2025-1570=1 Read more: 👉 https://t.co/CYMSgPJxco #LinuxSecurity #RustLang https://t.co/lUBKkFK2BK

    @Cezar_H_Linux

    17 May 2025

    39 Impressions

    1 Retweet

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

  5. CVE-2025-3416 A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in un… https://t.co/9eJ6b3aSBC

    @CVEnew

    8 Apr 2025

    272 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.