Description
In OpenSSL 1.1.0 before 1.1.0c, TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS attack by corrupting larger payloads. This can result in an OpenSSL crash. This issue is not considered to be exploitable beyond a DoS.
Remediation
References
Related Vulnerabilities
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000192)
Jenkins Improper Input Validation Vulnerability (CVE-2018-1999001)
WordPress Plugin Custom Post Type UI Cross-Site Request Forgery (1.7.3)
MySQL CVE-2021-2144 Vulnerability (CVE-2021-2144)
WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Directory Traversal (4.9.9)