Snyk has a proof-of-concept or detailed explanation of how to exploit this vulnerability.
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade openssl
to version 0.10.55 or higher.
openssl is a bindings for the Rust programming language.
Affected versions of this package are vulnerable to Buffer Overflow via the function openssl::x509::verify::X509VerifyParamRef::set_host
When this function was passed an empty string, openssl
would attempt to call strlen
on it, reading arbitrary memory until it reached a NUL byte.