CNNVD-202511-2657 Information

CNNVD ID

CNNVD-202511-2657

Related CVE

CVE-2025-65497

• CNNVD Published: 2025-11-24

Description (Chinese)

libcoap是obgm开源的一个轻量级应用程序协议的 C 实现。 libcoap 4.3.5版本存在安全漏洞，该漏洞源于src/coap_openssl.c中coap_dtls_generate_cookie函数空指针取消引用，可能导致拒绝服务攻击。

Description (English)

libcoap is the C of a lightweight application protocol from the obgm open source. Version 4.3.5 of libcoap contains a security loophole that originates from the cancellation of the empty pointer of the Cap dtls gender cookie function in src/cop opensl.c, which may lead to a denial of service attack.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

obgm

Published

2025-11-24

Last Modified

2026-02-24

References

https://github.com/obgm/libcoap/pull/1750 https://github.com/obgm/libcoap/issues/1745 https://vigilance.fr/vulnerability/libcoap-multiple-vulnerabilities-dated-05-12-2025-48996

Patch

https://github.com/obgm/libcoap