Vulnerability in OpenSSL (CVE-2015-0288)

2015-03-02T00:00:00
ID OPENSSL:CVE-2015-0288
Type openssl
Reporter OpenSSL
Modified 2015-03-02T00:00:00

Description

X509_to_X509_REQ NULL pointer deref. The function X509_to_X509_REQ will crash with a NULL pointer dereference if the certificate key is invalid. This function is rarely used in practice. Reported by Brian Carpenter.