CVE-2025-65501

Опубликовано: 24 нояб. 2025

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

Null pointer dereference in coap_dtls_info_callback() in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a DTLS handshake where SSL_get_app_data() returns NULL.

Ссылки

https://github.com/obgm/libcoap/issues/1748
Issue Tracking
https://github.com/obgm/libcoap/pull/1750
Issue Tracking

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:libcoap:libcoap:4.3.5:-:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.0024

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-476

Связанные уязвимости

CVE-2025-65501

CVSS3: 4.3

ubuntu

5 месяцев назад

Null pointer dereference in coap_dtls_info_callback() in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a DTLS handshake where SSL_get_app_data() returns NULL.

CVE-2025-65501

CVSS3: 4.3

debian

5 месяцев назад

Null pointer dereference in coap_dtls_info_callback() in OISM libcoap ...

GHSA-cx3h-f553-x7gw

CVSS3: 4.3

github

5 месяцев назад

Null pointer dereference in coap_dtls_info_callback() in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a DTLS handshake where SSL_get_app_data() returns NULL.

EPSS

Процентиль: 47%

0.0024

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-476