« List of all CVEs

CVE-2014-0221

Published: 6/5/2014 Last updated: 8/6/2024 Reserved: 12/3/2013

The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (8)

conf-libcurl conf-libssl conf-mariadb conf-mingw-w64-openssl-i686 conf-mingw-w64-openssl-x86_64 conf-mysql conf-openssl conf-srt-openssl

Products affected (1)

Product Vendor Version
n/a n/a SDX55

References (256)