Description
The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin Uncanny Toolkit for LearnDash Cross-Site Request Forgery (3.6.3)
WordPress Plugin Digital Publications by Supsystic Multiple Vulnerabilities (1.6.9)
Magento Improper Authorization Vulnerability (CVE-2021-21022)
WebLogic CVE-2019-2890 Vulnerability (CVE-2019-2890)
Moodle Incorrect Default Permissions Vulnerability (CVE-2012-1157)