6.2 Medium
AI Score
Confidence
Low
0.052 Low
EPSS
Percentile
93.0%
The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted data from a TLS client.