3 matches found
OpenSSL 资源管理错误漏洞
OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...
PT-2026-47833
Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description A malicious server can exploit TLS OCSP stapling by delivering a crafted response through the status request extension. This triggers a double-free in the client's certificate verification pa...
openssl: OCSP Status Request extension unbounded memory growth
A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it...