CNNVD-202511-2589 Information
CNNVD ID
CNNVD-202511-2589
Related CVE
- CNNVD Published: 2025-11-24
Description (Chinese)
libcoap是obgm开源的一个轻量级应用程序协议的 C 实现。 libcoap 4.3.5版本存在安全漏洞,该漏洞源于src/coap_openssl.c中get_san_or_cn_from_cert函数空指针取消引用,可能导致拒绝服务攻击。
Description (English)
libcoap is the C of a lightweight application protocol from the obgm open source. There is a security loophole in version 4.3.5 of libcoap, which originates from the cancellation of references to the empty pointer of the src/coap opensl.c. Get san or cn from cert function, which may lead to a denial of service attack.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
obgm
Published
2025-11-24
Last Modified
2026-02-24
References
https://github.com/obgm/libcoap/pull/1750 https://github.com/obgm/libcoap/issues/1745 https://access.redhat.com/security/cve/cve-2025-65494 https://vigilance.fr/vulnerability/libcoap-multiple-vulnerabilities-dated-05-12-2025-48996
Patch
https://github.com/obgm/libcoap
Share on: