11 matches found
JLSEC-2026-685 In function MatchDomainName(), input param str is treated as a NULL terminated string despite...
In function MatchDomainName, input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically, the function X509checkhost takes in a pointer and length to check against, with no requirements that it be NULL terminated. If a caller was attempting to do...
CVE-2026-5772
A 1-byte stack buffer over-read was identified in the MatchDomainName function src/internal.c during wildcard hostname validation when the LEFTMOSTWILDCARDONLY flag is active. If a wildcard exhausts the entire hostname string, the function reads one byte past the buffer without a bounds check,...
EUVD-2026-21218
A 1-byte stack buffer over-read was identified in the MatchDomainName function src/internal.c during wildcard hostname validation when the LEFTMOSTWILDCARDONLY flag is active. If a wildcard exhausts the entire hostname string, the function reads one byte past the buffer without a bounds check,...
Buffer Over-read
Overview Affected versions of this package are vulnerable to Buffer Over-read in the MatchDomainName function during wildcard hostname validation when the LEFTMOSTWILDCARDONLY flag is active. An attacker can cause a crash by supplying a crafted hostname that exhausts the entire string, resulting ...
DEBIAN-CVE-2026-5772
A 1-byte stack buffer over-read was identified in the MatchDomainName function src/internal.c during wildcard hostname validation when the LEFTMOSTWILDCARDONLY flag is active. If a wildcard exhausts the entire hostname string, the function reads one byte past the buffer without a bounds check,...
CVE-2026-5772
A 1-byte stack buffer over-read was identified in the MatchDomainName function src/internal.c during wildcard hostname validation when the LEFTMOSTWILDCARDONLY flag is active. If a wildcard exhausts the entire hostname string, the function reads one byte past the buffer without a bounds check,...
CVE-2026-5772 MatchDomainName 1-Byte Stack Buffer Over-Read in Hostname Validation
A 1-byte stack buffer over-read was identified in the MatchDomainName function src/internal.c during wildcard hostname validation when the LEFTMOSTWILDCARDONLY flag is active. If a wildcard exhausts the entire hostname string, the function reads one byte past the buffer without a bounds check,...
CVE-2026-5772
The CVE-2026-5772 issue is a 1-byte stack buffer over-read in wolfSSL’s MatchDomainName (src/internal.c) when validating wildcards with LEFT_MOST_WILDCARD_ONLY; if a wildcard exhausts the hostname, one byte past the buffer is read without bounds checking, potentially crashing the process. Evidenc...
CVE-2026-5772
A 1-byte stack buffer over-read was identified in the MatchDomainName function src/internal.c during wildcard hostname validation when the LEFTMOSTWILDCARDONLY flag is active. If a wildcard exhausts the entire hostname string, the function reads one byte past the buffer without a bounds check,...
wolfSSL 安全漏洞
wolfSSL CyaSSL is the United States wolfSSL company for embedded systems developers to use a small, portable embedded SSL programming library. WolfSSL suffers from an out-of-bounds read vulnerability that stems from the failure to check user input in the MatchDomainName function, which can be...
PT-2024-6325 · Wolfssl +1 · Wolfssl +1
Name of the Vulnerable Software and Affected Versions: wolfSSL versions through 5.7.0 Description: The issue is related to the function MatchDomainName in the wolfSSL library, where the input parameter str is treated as a NULL terminated string despite being user-provided and unchecked. This can...