Описание
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 0.10.73-1 |
| esm-apps/focal | not-affected | code not present |
| esm-apps/jammy | not-affected | code not present |
| esm-apps/noble | released | 0.10.57-1ubuntu0.1~esm1 |
| focal | ignored | end of standard support, was needs-triage |
| jammy | not-affected | code not present |
| noble | needed | |
| oracular | ignored | end of life, was needs-triage |
| plucky | ignored | end of life, was needed |
| questing | not-affected | 0.10.72-1 |
Показывать по
Ссылки на источники
3.7 Low
CVSS3
Связанные уязвимости
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string.
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string.
Rust-openssl: rust-openssl use-after-free in `md::fetch` and `cipher::fetch`
A flaw was found in OpenSSL's handling of the properties argument in c ...
3.7 Low
CVSS3