CVE-2025-65501

Null pointer dereference in coap_dtls_info_callback() in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a DTLS handshake where SSL_get_app_data() returns NULL.

Published Nov 25, 2025

https://github.com/obgm/libcoap/issues/1748 https://github.com/obgm/libcoap/pull/1750

CVSS ScoreMedium

4.3

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2025-65501

Null pointer dereference in coap_dtls_info_callback() in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a DTLS handshake where SSL_get_app_data() returns NULL.

Published Nov 25, 2025

https://github.com/obgm/libcoap/issues/1748 https://github.com/obgm/libcoap/pull/1750

CVSS ScoreMedium

4.3


conan	libcoap	4.3.0
conan	libcoap	4.3.3
conan	libcoap	cci.20200424

Ecosystem	Package	Version


conan	libcoap	4.3.0
conan	libcoap	4.3.3
conan	libcoap	cci.20200424

Find vulnerabilities. Fix fast with AI.

CVE-2025-65501

CVE-2025-65501