Description
The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS#7 blob that uses ASN.1 encoding and lacks inner EncryptedContent data.
Remediation
References
Related Vulnerabilities
WordPress Plugin MM Forms Community 'edit_details.php' SQL Injection (1.2.3)
Ruby on Rails Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-8162)
Microsoft SQL Server CVE-2023-38169 Vulnerability (CVE-2023-38169)
LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-48008)