CNNVD-202511-2655 Information

CNNVD ID

CNNVD-202511-2655

Related CVE

CVE-2025-65499

• CNNVD Published: 2025-11-24

Description (Chinese)

libcoap是obgm开源的一个轻量级应用程序协议的 C 实现。 libcoap 4.3.5版本存在安全漏洞，该漏洞源于src/coap_openssl.c中tls_verify_call_back函数数组索引错误，可能导致拒绝服务攻击。

Description (English)

libcoap is the C of a lightweight application protocol from the obgm open source. There is a security loophole in version 4.3.5 of libcoap, which stems from an indexing error in the src/coap opensl.c of the tls verify call back function, which may lead to a denial of service attack.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

obgm

Published

2025-11-24

Last Modified

2026-02-24

References

https://github.com/obgm/libcoap/pull/1750 https://github.com/obgm/libcoap/issues/1747 https://vigilance.fr/vulnerability/libcoap-multiple-vulnerabilities-dated-05-12-2025-48996

Patch

https://github.com/obgm/libcoap