Description
Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.
Remediation
References
Related Vulnerabilities
WordPress 3.9.x Prototype Pollution (3.9 - 3.9.35)
OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3738)
WordPress Plugin Import and export users and customers Directory Traversal (1.14.2)
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-2582)
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Request Forgery (1.22.24)