Description
crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter.
Remediation
References
Related Vulnerabilities
Moodle Improper Privilege Management Vulnerability (CVE-2020-25699)
Oracle Application Server Other Vulnerability (CVE-2007-0289)
WordPress Plugin Booked-Appointment Booking for WordPress Security Bypass (2.2.5)
Serendipity Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3800)
Python Inefficient Regular Expression Complexity Vulnerability (CVE-2024-6232)