One Article Review
| Source |  The Hacker News |
|---|---|
| Identifiant | 4292024 |
| Date de publication | 2022-03-16 06:52:51 (vue: 2022-03-16 14:05:56) |
| Titre | New Infinite Loop Bug in OpenSSL Could Let Attackers Crash Remote Servers |
| Texte | The maintainers of OpenSSL have shipped patches to resolve a high-severity security flaw in its software library that could lead to a denial-of-service (DoS) condition when parsing certificates. Tracked as CVE-2022-0778 (CVSS score: 7.5), the issue stems from parsing a malformed certificate with invalid explicit elliptic-curve parameters, resulting in what's called an "infinite loop." The flaw |
| Notes | |
| Envoyé | Oui |
| Condensat | 0778 2022 as cve attackers bug called certificate certificates condition could crash curve parameters cvss denial dos explicit elliptic flaw from have shipped high infinite invalid issue its lead let library loop maintainers malformed new openssl parsing patches to remote resolve resulting score: security servers service severity software stems tracked what when |
| Tags | Guideline |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.