Description
The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted TLS messages, related to statem/statem.c and statem/statem_lib.c.
Remediation
References
Related Vulnerabilities
WordPress Plugin Thrive Headline Optimizer Security Bypass (1.3.7.2)
MySQL CVE-2013-1567 Vulnerability (CVE-2013-1567)
WordPress Plugin WP Yelp Review Slider SQL Injection (7.0)
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.12)
OpenSSL Missing Encryption of Sensitive Data Vulnerability (CVE-2019-1563)