Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:24955
HistoryApr 10, 2020 - 1:09 a.m.

Arbitrary Code Execution

2020-04-1001:09:45
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
19

0.038 Low

EPSS

Percentile

92.0%

openssl is vulnerable to arbitrary code execution. The vulnerability exists as a double free flaw was discovered in the policy checking code in OpenSSL. A remote attacker could use this flaw to crash an application that uses OpenSSL by providing an X.509 certificate that has specially-crafted policy extension data.

References