3 matches found
DEBIAN-CVE-2026-6678
Integer underflow in wcPKCS7DecryptOri when handling crafted Other Recipient Info, leading to incorrect length handling during decryption...
UBUNTU-CVE-2026-42766
Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointer dereference leads to an application crash and a Denial of Service. The CMS PasswordRecipientInfo.keyDerivationAlgorithm field is define...
CLSA-2025-1746792031 golang: Fix of 2 CVEs
CVE-2024-34156: prevent prevents stack exhaustion when attempting to decode a message that contains an extremely deeply nested struct - CVE-2023-45287: replace big.Int for encryption and decryption...