Description
The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 before 1.0.2a does not properly isolate the state information of independent data streams, which allows remote attackers to cause a denial of service (application crash) via crafted DTLS traffic, as demonstrated by DTLS 1.0 traffic to a DTLS 1.2 server.
Remediation
References
Related Vulnerabilities
WordPress Plugin GS Filterable Portfolio Cross-Site Scripting (1.6.0)
WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (2.1.22)
Oracle JRE CVE-2017-10388 Vulnerability (CVE-2017-10388)
MySQL CVE-2021-2178 Vulnerability (CVE-2021-2178)
WordPress Plugin Konnichiwa! Membership Cross-Site Scripting (0.8.3)