Description
Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.
Remediation
References
Related Vulnerabilities
PHP Use After Free Vulnerability (CVE-2021-21708)
WordPress Plugin WP Editor.md Cross-Site Scripting (10.0.1)
Apache Tomcat Improper Access Control Vulnerability (CVE-2014-7810)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-6125)
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-3062)