Description
Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.
Remediation
References
Related Vulnerabilities
WordPress Plugin Forms:3rd-Party Inject Results Cross-Site Scripting (0.2)
Drupal Core 8.9.x Cross-Site Scripting (8.9.0 - 8.9.17)
WordPress Plugin OneSignal-Web Push Notifications Cross-Site Scripting (1.17.7)
MySQL CVE-2019-2628 Vulnerability (CVE-2019-2628)
Oracle HTTP Server CVE-2016-3482 Vulnerability (CVE-2016-3482)