Lucene search
+L

5 matches found

OSV
OSV
added 2026/04/27 6:33 p.m.12 views

JLSEC-2026-260 Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a...

Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...

5.9CVSS5.8AI score0.00403EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/04/09 8:50 a.m.3 views

openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression

A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service DoS for...

5.9CVSS6.6AI score0.00403EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/01/28 9:6 a.m.14 views

openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression

A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service DoS for...

5.9CVSS5.8AI score0.00403EPSS
Exploits1References4
EUVD
EUVD
added 2026/01/27 4:1 p.m.4 views

EUVD-2025-206398

Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...

6AI score0.00403EPSS
Exploits1References5
OSV
OSV
added 2026/01/27 4:1 p.m.9 views

CVE-2025-66199 TLS 1.3 CompressedCertificate excessive memory allocation

Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...

5.9CVSS6.8AI score0.00403EPSS
Exploits1References7
Rows per page
Query Builder