Description
The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service (application crash) by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c.
Remediation
References
Related Vulnerabilities
WordPress Plugin MPL-Publisher-Create your Ebook & Audiobook Cross-Site Scripting (1.29.1)
LimeSurvey Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-7556)
Oracle HTTP Server Out-of-bounds Write Vulnerability (CVE-2019-5482)
WordPress Plugin WP Custom Admin Login Page Logo Unspecified Vulnerability (1.4.1)