Lucene search
+L

9 matches found

OSV
OSV
added 2026/04/27 6:33 p.m.12 views

JLSEC-2026-260 Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a...

Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...

5.9CVSS5.8AI score0.00403EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/04/09 8:50 a.m.3 views

openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression

A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service DoS for...

5.9CVSS6.6AI score0.00403EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/01/30 12:30 a.m.5 views

SUSE CVE-2025-66199

Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...

5.3CVSS6AI score0.00403EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/01/28 9:6 a.m.12 views

openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression

A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service DoS for...

5.9CVSS5.8AI score0.00403EPSS
Exploits1References4
EUVD
EUVD
added 2026/01/27 4:1 p.m.4 views

EUVD-2025-206398

Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...

6AI score0.00403EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2026/01/27 4:1 p.m.5 views

CVE-2025-66199

Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...

5.9CVSS6.3AI score0.00403EPSS
Exploits1
OSV
OSV
added 2026/01/27 4:1 p.m.7 views

CVE-2025-66199 TLS 1.3 CompressedCertificate excessive memory allocation

Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...

5.9CVSS6.8AI score0.00403EPSS
Exploits1References7
UbuntuCve
UbuntuCve
added 2026/01/27 12:0 a.m.4 views

CVE-2025-66199

Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...

5.9CVSS6.9AI score0.00403EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.6 views

OpenSSL security vulnerabilities

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

5.9CVSS6.3AI score0.00403EPSS
Exploits1References5
Rows per page
Query Builder