crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.
{
"unresolved_ranges": [
{
"cpes": [
"cpe:2.3:o:novell:suse_linux_enterprise_module_for_web_scripting:12.0:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "12.0"
},
{
"last_affected": "12.0"
}
],
"vendor_product": "novell:suse_linux_enterprise_module_for_web_scripting",
"source": "CPE_STRING"
}
]
}{
"cpe": [
"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*"
],
"extracted_events": [
{
"introduced": "4.0.0"
},
{
"last_affected": "4.1.2"
},
{
"introduced": "4.2.0"
},
{
"fixed": "4.6.0"
},
{
"introduced": "6.0.0"
},
{
"fixed": "6.7.0"
}
],
"source": "CPE_RANGE"
}