OpenSSL Product Security Update Advisory (CVE-2025-69420)

Overview

 

We have released security updates to fix vulnerabilities in our OpenSSL products. Users of affected products are advised to update to the latest version.
 

 

Affected Products

 

CVE-2025-69420

 

OpenSSL Version: 3.6
OpenSSL Version: 3.5
OpenSSL version: 3.4
OpenSSL version: 3.3
OpenSSL version: 3.0
OpenSSL version: 1.1.1

 

 

Resolved Vulnerabilities

 

Denial of service vulnerability due to missing type validation when validating timestamp responses in OpenSSL (CVE-2025-69420)

 

 

Vulnerability Patches

Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

 

CVE-2025-69420

 

OpenSSL version: 3.6.1
OpenSSL version: 3.5.5
OpenSSL version: 3.4.4
OpenSSL version: 3.3.6
OpenSSL version: 3.0.19
OpenSSL version: 1.1.1ze

 

 

References

 

[1] OpenSSL Security Advisory [27th January 2026]
https://openssl-library.org/news/secadv/20260127.txt