Vulnerability Database

Published: Apr 4, 2025
Updated: Apr 30, 2025
GHSA: <a href="https://github.com/advisories/GHSA-4fcv-w3qc-ppgg" target="_blank" rel="noopener"> GHSA-4fcv-w3qc-ppgg
Severity: Medium
Exploit:

296,733

Total vulnerabilities in the database

When a Some(...) value was passed to the properties argument of either of these functions, a use-after-free would result.

In practice this would nearly always result in OpenSSL treating the properties as an empty string (due to CString::drop's behavior).

The maintainers thank quitbug for reporting this vulnerability to us.

No technical information available.

CWEs:

Software	From	Fixed in
openssl	0.10.39	0.10.72

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.