- Home
- CVEs with nessus.description==A memory leak flaw was found in the way OpenSSL handled TLS status
request extension data during session renegotiation. A remote attacker
could cause a TLS server using OpenSSL to consume an excessive amount
of memory and, possibly, exit unexpectedly after exhausting all
available memory, if it enabled OCSP stapling support.
The OpenSSL Security Advisory [22 Sep 2016] refers to additional CVEs.
CVE-2016-6305 does not affect OpenSSL 1.0.1. The remaining CVEs listed
will be fixed in a later update.
The OpenSSL Security Advisory [26 Sep 2016] refers to two additional
CVEs which do not affect OpenSSL 1.0.1.
(Updated 2016-09-26: Included a reference to the 26 Sep 2016 upstream
advisory.)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top