
We found results for “”
CVE-2025-3416
Good to know:

Date: April 8, 2025
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string.
Severity Score
Related Resources (9)
Severity Score
Weakness Type (CWE)
Use After Free
CWE-416Top Fix

Upgrade Version
Upgrade to version openssl - 0.10.72;https://github.com/sfackler/rust-openssl.git - openssl-v0.10.72
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | HIGH |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | NONE |
Integrity (I): | NONE |
Availability (A): | LOW |