Severity: Unknown
Affected Package: openssl
Summary: missing ASN1_TYPE validation in TS_RESP_verify_response()
A type confusion in the TimeStamp Response verification code accesses an ASN1_TYPE union member without validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response (Denial of Service). Severity: Low (OpenSSL).
No specific recommendations provided.
Aliases: CVE-2025-69420
Published: June 11, 2026
Last Modified: June 11, 2026