MNBSD-2026-39: missing ASN1_TYPE validation in TS_RESP_verify_response()

Severity: Unknown

Affected Package: openssl

Summary: missing ASN1_TYPE validation in TS_RESP_verify_response()

Description

A type confusion in the TimeStamp Response verification code accesses an ASN1_TYPE union member without validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response (Denial of Service). Severity: Low (OpenSSL).

Affected Versions

openssl

Recommendations

No specific recommendations provided.

References

Additional Information

Aliases: CVE-2025-69420

Published: June 11, 2026
Last Modified: June 11, 2026