2 matches found
CVE-2025-66199 TLS 1.3 CompressedCertificate excessive memory allocation
Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...
Astra Linux – Vulnerability in OpenSSL
Issue Summary: A TLS 1.3 connection that uses certificate compression can be forced to allocate a large buffer before decompression, without checking against the configured certificate size limit. Impact Summary: An attacker can cause per-connection memory allocations of up to approximately 22 Mi...