3 matches found
DEBIAN-CVE-2026-6681
The PKCS7 decode path ignores the caller-supplied output buffer size outputSz, allowing decoded content to be written past the bounds of the provided buffer. This affects wolfSSL 5.9.0 and earlier and was fixed in the 5.9.1 release...
CVE-2026-6681 PKCS#7 decode ignores caller output buffer size, writing past buffer bounds
The PKCS7 decode path ignores the caller-supplied output buffer size outputSz, allowing decoded content to be written past the bounds of the provided buffer. This affects wolfSSL 5.9.0 and earlier and was fixed in the 5.9.1 release...
The vulnerability of the OpenSSL library, which allows a hacker to trigger a service failure
The vulnerability of the PKCS7dataDecode function in the OpenSSL library is related to pointer swapping errors. Exploiting this vulnerability could allow a malicious actor to cause service failures when using the PKCS7 specification...