Denial of Service (DoS)
Affecting openssl package, versions >=1.0.1, <1.0.109 || >=18.104.22.168, <1.0.211
OpenSSL is a SSL/TLS and Crypto toolkit. Deprecated in Mac OS and gone in iOS, this spec gives your project non-deprecated OpenSSL support.
Affected versions of this package are vulnerable to Denial of Service (DoS).
The DTLS implementation in does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to
OpenSSL to version 1.0.109, 1.0.211 or higher.