3 matches found
openssl: Possible DoS translating ASN.1 object identifiers
A flaw was found in OpenSSL resulting in a possible denial of service while translating ASN.1 object identifiers. Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience long delays when...
LibreSSL Memory Disclosure Vulnerability
LibreSSL is a fork of the OpenSSL cryptographic software library and is an open source implementation of the Secure Sockets Layer SSL and Transport Layer Security TLS protocols. A memory leak vulnerability exists in the implementation of LibreSSL's OBJobj2txt function. A remote attacker could cau...
openssl: information leak in pretty printing functions
It was discovered that the OBJobj2txt function could fail to properly NUL-terminate its output. This could possibly cause an application using OpenSSL functions to format fields of X.509 certificates to disclose portions of its memory...