yaSSL CyaSSL before 2.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted X.509 certificate.
https://exchange.xforce.ibmcloud.com/vulnerabilities/74095
http://www.yassl.com/yaSSL/Docs-cyassl-changelog.html