Description
The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid certificate key.
Remediation
References
Related Vulnerabilities
WordPress Plugin Light Post 'abspath' Parameter Remote File Include (1.4)
Moodle Other Vulnerability (CVE-2012-3398)
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.17)
Liferay Portal CVE-2020-15841 Vulnerability (CVE-2020-15841)
Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2021-22880)