FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

OpenSSL -- Possible DoS translating ASN.1 identifiers

Affected packages
openssl < 1.1.1u,1
openssl30 < 3.0.9
openssl31 < 3.1.1
openssl-quictls < 3.0.9

Details

VuXML ID eb9a3c57-ff9e-11ed-a0d1-84a93843eb75
Discovery 2023-05-30
Entry 2023-05-31

The OpenSSL project reports:

Severity: Moderate. Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow.

References

CVE Name CVE-2023-2650
URL https://www.openssl.org/news/secadv/20230530.txt