OpenSSL Infinite loop when parsing certificates CVE-2022-0778

<p>A vulnerability&nbsp;CVE-2022-0778 was found in OpenSSL that allows to trigger an infinite loop by crafting a certificate that has invalid elliptic curve parameters. Since certificate parsing happens before verification of the certificate signature, any process that parses an externally supplied certificate leads to a DoS (Denial of service) attack.</p><p>SonicWall is investigating its product line to determine which products and cloud services may be affected by this vulnerability.<br></p>
CVE: CVE-2022-0778
Last updated: May 6, 2022, 9:31 a.m.

Original Article

Leave a Reply

Your email address will not be published. Required fields are marked *