OSV-2025-1049 Heap-buffer-overflow in unsigned char* std::__1::vector<unsigned char, std::__1::allocator<unsigned char

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=472222304 Crash type: Heap-buffer-overflow READ 1 Crash state: unsigned char std::1::vectorunsigned char, std::1::allocatorunsigned char pcpp::TLSECPointFormatExtension::getECPointFormatList...

openssl: race condition in ssl_parse_serverhello_tlsext

A race condition was found in the way OpenSSL handled ServerHello messages with an included Supported EC Point Format extension. A malicious server could possibly use this flaw to cause a multi-threaded TLS/SSL client using OpenSSL to write into freed memory, causing the client to crash or execut...

Scientific Linux Security Update : openssl on SL6.x i386/x86_64 (20140813)

A race condition was found in the way OpenSSL handled ServerHello messages with an included Supported EC Point Format extension. A malicious server could possibly use this flaw to cause a multi-threaded TLS/SSL client using OpenSSL to write into freed memory, causing the client to crash or execut...

Medium: openssl

Issue Overview: A flaw was discovered in the way OpenSSL handled DTLS packets. A remote attacker could use this flaw to cause a DTLS server or client using OpenSSL to crash or use excessive amounts of memory. Multiple buffer overflows in crypto/srp/srplib.c in the SRP implementation in OpenSSL...

Vulnerability in OpenSSL - Race condition in ssl_parse_serverhello_tlsext

A race condition was found in sslparseserverhellotlsext. If a multithreaded client connects to a malicious server using a resumed session and the server sends an ec point format extension, it could write up to 255 bytes to freed memory. Found by Gabor Tyukasz LogMeIn Inc...