Vulnerability in OpenSSL - CMS verify infinite loop with unknown hash function
When verifying a signedData message the CMS code can enter an infinite loop if presented with an unknown hash function OID. This can be used to perform denial of service against any system which verifies signedData messages using the CMS code. Found by Johannes Bauer...