Loading...
Loading...
The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse.
March 19, 2015
May 6, 2026
See which npm, PyPI, Go, and Maven packages are affected by CVE-2015-0287
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.