The vulnerabilities of the functions PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes(), and PKCS12_newpass() in the OpenSSL library allow a attacker to cause a service failure.

The vulnerabilities of the functions PKCS12parse, PKCS12unpackp7data, PKCS12unpackp7encdata, PKCS12unpackauthsafes, and PKCS12newpass in the OpenSSL library are related to pointer arithmetic errors. Exploiting these vulnerabilities could allow an attacker to cause a service failure...

AZL-33937 CVE-2024-0727 affecting package openssl for versions less than 1.1.1k-29

Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates...