Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:24822
HistoryApr 10, 2020 - 1:06 a.m.

Denial Of Service (DoS)

2020-04-1001:06:27
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
20

0.185 Low

EPSS

Percentile

96.2%

openssl is vulnerable to denial of service. It was discovered that OpenSSL did not limit the number of TLS/SSL handshake restarts required to support Server Gated Cryptography. A remote attacker could use this flaw to make a TLS/SSL server using OpenSSL consume an excessive amount of CPU by continuously restarting the handshake.

References