Description
The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose an inappropriate number, as demonstrated by a number in an X9.42 file.
Remediation
References
Related Vulnerabilities
WordPress Plugin Name Directory Cross-Site Request Forgery (1.17.4)
WordPress Plugin Free Live Chat Support Cross-Site Request Forgery (1.0.11)
WordPress Plugin Keep Backup Daily Unspecified Vulnerability (2.0.3)
Java Denial of Service (DoS) Vulnerability (CVE-2019-2762)
WordPress Plugin Contact Form 7 Multi-Step Addon Malicious Code (1.0.5)