« List of all CVEs

CVE-2016-2105

Published: 5/5/2016 Last updated: 8/5/2024 Reserved: 1/29/2016

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (8)

conf-libcurl conf-libssl conf-mingw-w64-openssl-i686 conf-mingw-w64-openssl-x86_64 conf-mysql conf-npm conf-openssl conf-srt-openssl

Products affected (1)

Product Vendor Version
n/a n/a 8.5.0 to 8.5.6

References (122)