Описание
NULL pointer dereference in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS/TLS connection that triggers BIO_get_data() to return NULL.
Ссылки
- Issue Tracking
- Issue TrackingPatch
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:libcoap:libcoap:4.3.5:-:*:*:*:*:*:*
EPSS
Процентиль: 40%
0.00184
Низкий
7.5 High
CVSS3
Дефекты
CWE-476
Связанные уязвимости
CVSS3: 7.5
ubuntu
2 месяца назад
NULL pointer dereference in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS/TLS connection that triggers BIO_get_data() to return NULL.
CVSS3: 7.5
debian
2 месяца назад
NULL pointer dereference in src/coap_openssl.c in OISM libcoap 4.3.5 a ...
CVSS3: 7.5
github
2 месяца назад
NULL pointer dereference in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS/TLS connection that triggers BIO_get_data() to return NULL.
EPSS
Процентиль: 40%
0.00184
Низкий
7.5 High
CVSS3
Дефекты
CWE-476