UBUNTU-CVE-2025-65496

NULL pointer dereference in coapdtlsgeneratecookie in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetSSLCTX to return NULL...

CVE-2025-65499

The CVE-2025-65499 issue affects libcoap 4.3.5, specifically the tls_verify_call_back() path in src/coap_openssl.c. A misindexed array causes SSL_get_ex_data_X509_STORE_CTX_idx() to return -1, enabling a remote attacker to trigger a denial of service during a crafted DTLS handshake. Public adviso...

CVE-2025-65496

NULL pointer dereference in coapdtlsgeneratecookie in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetSSLCTX to return NULL...

CVE-2025-65498

NULL pointer dereference in coapdtlsgeneratecookie in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetSSLCTX to return NULL...

CVE-2025-65497

NULL pointer dereference in coapdtlsgeneratecookie in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetSSLCTX to return NULL...

CVE-2025-65500

NULL pointer dereference in coapdtlsgeneratecookie in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetSSLCTX to return NULL...

CVE-2025-65493

CVE-2025-65493 affects libcoap (C implementation). A NULL pointer dereference in src/coap_openssl.c (BIO_get_data()) allows a remote attacker to cause DoS via a crafted DTLS/TLS connection on libcoap 4.3.5. Fedora advisories show fixes in libcoap-4.3.5a-1 for FC42/FC43; platforms openSUSE and EUV...

PT-2025-47912

NULL pointer dereference in coap dtls generate cookie in src/coap openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL get SSL CTX to return NULL...

CVE-2025-65500

CVE-2025-65500 affects libcoap 4.3.5 (OISM libcoap) and is due to a NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c. This can allow a remote attacker to cause a denial of service by crafting a DTLS handshake that triggers SSL_get_SSL_CTX() to return NULL. Multiple so...

CVE-2025-65499

Array index error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetexdataX509STORECTXidx to return -1...

libcoap 安全漏洞

libcoap is a C implementation of a lightweight application protocol open-sourced by obgm. A security vulnerability exists in libcoap version 4.3.5, which stems from a null pointer dereference in the coapdtlsgeneratecookie function in src/coapopenssl.c, which could lead to a denial of service atta...

CVE-2025-65498

NULL pointer dereference in coapdtlsgeneratecookie in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetSSLCTX to return NULL...

CVE-2025-65493

NULL pointer dereference in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS/TLS connection that triggers BIOgetdata to return NULL...

CVE-2025-65495

Integer signedness error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2dX509 to return -1 and be misused as a malloc size parameter...

libcoap 安全漏洞

libcoap is a C implementation of a lightweight application protocol open-sourced by obgm. A security vulnerability exists in libcoap version 4.3.5, which stems from an integer sign error in the tlsverifycallback function in src/coapopenssl.c, which could lead to a denial of service attack...

CVE-2025-65493

NULL pointer dereference in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS/TLS connection that triggers BIOgetdata to return NULL...

libcoap 安全漏洞

libcoap is a C implementation of a lightweight application protocol open-sourced by obgm. A security vulnerability exists in libcoap version 4.3.5, which stems from a null pointer dereference in the coapdtlsgeneratecookie function in src/coapopenssl.c, which could lead to a denial of service atta...

libcoap 安全漏洞

libcoap is a C implementation of a lightweight application protocol open-sourced by obgm. A security vulnerability exists in libcoap version 4.3.5, which stems from a null pointer dereference in the coapdtlsgeneratecookie function in src/coapopenssl.c, which could lead to a denial of service atta...

PT-2025-47910

NULL pointer dereference in coap dtls generate cookie in src/coap openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL get SSL CTX to return NULL...

PT-2025-47911

NULL pointer dereference in coap dtls generate cookie in src/coap openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSL get SSL CTX to return NULL...