2 matches found
JLSEC-2026-260 Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a...
Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...
AZL-75284 CVE-2025-66199 affecting package openssl for versions less than 3.3.5-3
Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...