Description
crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin User Profile Picture Information Disclosure (2.4.0)
Moodle Insufficient Verification of Data Authenticity Vulnerability (CVE-2020-1755)
Squid CVE-2019-12523 Vulnerability (CVE-2019-12523)
WordPress Plugin Abandoned Cart Lite for WooCommerce Security Bypass (5.14.2)
MySQL NULL Pointer Dereference Vulnerability (CVE-2020-1971)