FreeBSD Security
Guest
Original article here.

Multiple issues have been reported as part of this advisory. Different issues affect different OpenSSL versions, and therefore different FreeBSD releases, so the lists below are grouped by the OpenSSL branch each FreeBSD release ships. Instead of exhaustively listing detailed writeups for each issue, please see the referenced advisory from OpenSSL.
Issues affecting FreeBSD 15.0 (OpenSSL 3.5):
CVE-2025-11187 - Improper validation of PBMAC1 parameters in PKCS#12 MAC verification
CVE-2025-15467 - Stack buffer overflow in CMS AuthEnvelopedData parsing
CVE-2025-15468 - NULL dereference in SSL_CIPHER_find() function on unknown cipher ID
CVE-2025-15469 - "openssl dgst" one-shot codepath silently truncates inputs >16MB
CVE-2025-66199 - TLS 1.3 CompressedCertificate excessive memory allocation
CVE-2025-68160 - Heap out-of-bounds write in BIO_f_linebuffer on short writes
CVE-2025-69418 - Unauthenticated/unencrypted trailing bytes with low-level OCB function calls
CVE-2025-69419 - Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion
CVE-2025-69420 - Missing ASN1_TYPE validation in TS_RESP_verify_response() function
CVE-2025-69421 - NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function
CVE-2026-22795 - Missing ASN1_TYPE validation in PKCS#12 parsing
CVE-2026-22796 - ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function
Issues affecting FreeBSD 14.3 (OpenSSL 3.0):
CVE-2025-15467 - Stack buffer overflow in CMS AuthEnvelopedData parsing
CVE-2025-68160 - Heap out-of-bounds write in BIO_f_linebuffer on short writes
CVE-2025-69418 - Unauthenticated/unencrypted trailing bytes with low-level OCB function calls
CVE-2025-69419 - Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion
CVE-2025-69420 - Missing ASN1_TYPE validation in TS_RESP_verify_response() function
CVE-2025-69421 - NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function
CVE-2026-22795 - Missing ASN1_TYPE validation in PKCS#12 parsing
CVE-2026-22796 - ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function
Issues affecting FreeBSD 13.5 (OpenSSL 1.1.1):
CVE-2025-68160 - Heap out-of-bounds write in BIO_f_linebuffer on short writes
CVE-2025-69418 - Unauthenticated/unencrypted trailing bytes with low-level OCB function calls
CVE-2025-69419 - Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion
CVE-2025-69420 - Missing ASN1_TYPE validation in TS_RESP_verify_response() function
CVE-2025-69421 - NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function
CVE-2026-22795 - Missing ASN1_TYPE validation in PKCS#12 parsing
CVE-2026-22796 - ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function
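One of the listed issues, CVE-2025-15469, is easy to exercise from the command line: the advisory title says the "openssl dgst" one-shot codepath silently truncates inputs larger than 16MB. The following script is an added example written for this page, not code from the FreeBSD or OpenSSL advisories. It hashes a constructed 16 MiB + 1 byte file with "openssl dgst" (both the file-argument and the stdin path, since the title does not say which one is the one-shot path) and compares the results against an independent SHA-256 tool. It assumes openssl(1) is in PATH and that either sha256sum(1) (Linux, FreeBSD 13+) or sha256(1) (FreeBSD) is available as the reference; a match on a given host says nothing about the other CVEs in the lists above.

```shell
#!/bin/sh
# Added check (not part of the FreeBSD or OpenSSL advisories): exercise the
# "openssl dgst" behaviour named in CVE-2025-15469 by hashing a file larger
# than 16 MB and comparing against an independent SHA-256 implementation.
# Assumptions: openssl(1) is in PATH, and either sha256sum(1) or sha256(1)
# is available as the reference implementation.

# Constructed input: 16 MiB + 1 byte. Any path that stops at 16 MB, whether
# 16*10^6 or 16*2^20 bytes, drops at least the final byte, so its digest
# no longer matches the reference.
INPUT_SIZE=16777217

reference_sha256() {
    # Print the hex SHA-256 of $1 using a tool other than openssl.
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    elif command -v sha256 >/dev/null 2>&1; then
        sha256 -q "$1"
    else
        return 2
    fi
}

openssl_sha256_file() {
    # File-argument path. Output is "SHA2-256(name)= <hex>" on 3.x and
    # "SHA256(name)= <hex>" on 1.1.1; the hex is always the last field.
    openssl dgst -sha256 "$1" | awk '{print $NF}'
}

openssl_sha256_stdin() {
    # Streaming path via stdin, for comparison with the file-argument path.
    openssl dgst -sha256 < "$1" | awk '{print $NF}'
}

# Returns 0 when both openssl paths agree with the reference,
# 1 when either differs (input silently truncated or otherwise mis-hashed),
# 2 when openssl or a reference tool is missing.
dgst_truncation_check() {
    command -v openssl >/dev/null 2>&1 || return 2
    f=$(mktemp) || return 2
    trap 'rm -f "$f"' EXIT
    head -c "$INPUT_SIZE" /dev/zero > "$f"
    ref=$(reference_sha256 "$f") || return 2
    by_file=$(openssl_sha256_file "$f")
    by_stdin=$(openssl_sha256_stdin "$f")
    rc=0
    [ "$by_file" = "$ref" ]  || { echo "MISMATCH file path:  $by_file != $ref";  rc=1; }
    [ "$by_stdin" = "$ref" ] || { echo "MISMATCH stdin path: $by_stdin != $ref"; rc=1; }
    if [ "$rc" -eq 0 ]; then
        echo "OK: $(openssl version) hashed $INPUT_SIZE bytes correctly on both paths"
    fi
    return "$rc"
}

# Usage: sh openssl-dgst-check.sh run
case "${1:-}" in
    run) dgst_truncation_check ;;
esac
```

Run it as "sh openssl-dgst-check.sh run" on the host whose OpenSSL you want to check; a MISMATCH line on the file path with a correct stdin digest is the truncation the advisory describes, while an exit status of 2 means a required tool was not found rather than a bad digest.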