
379 matches found

OSV
added 2026/05/22 9:56 a.m. | 1 view

SUSE-SU-2026:21867-1 Security update for gnutls

This update for gnutls fixes the following issues: CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive (bsc#1263707). CVE-2026-5260: lib/pkcs11_privkey: guard against overreading on short ciphertexts (bsc#1263715). CVE-2026-5419: gnutls_cipher_decrypt3: make PKCS7 unpadding...

CVSS 9.8 | AI score 5.8 | EPSS 0.00486
Exploits: 1 | References: 25

AstraLinux
added 2026/05/20 5:53 a.m. | 6 views

Astra Linux - vulnerability in bouncycastle

Bouncy Castle for Java before version 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM-encoded streams containing X.509 certificates, PKCS8-encoded keys, and PKCS7 objects. Parsing a file that...

CVSS 5.5 | AI score 6.7 | EPSS 0.00144
Exploits: 1 | References: 2

AstraLinux
added 2026/05/20 5:53 a.m. | 7 views

Astra Linux - vulnerability in poppler, poppler-22

NSSCryptoSignBackend.cc in Poppler before version 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, which can lead to potential signature forgeries...

CVSS 4.3 | AI score 6.6 | EPSS 0.00032
Exploits: 0 | References: 2

Cvelist
added 2026/05/15 4:17 p.m. | 34 views

CVE-2026-44310 gitsign --verify panics on empty-certificate PKCS7 and exits 0, bypassing exit-code callers

Gitsign is a keyless Sigstore signing tool for Git commits with your GitHub / OIDC identity. From 0.4.0 to before 0.15.0, CertVerifier.Verify in pkg/git/verifier.go unconditionally dereferences certs[0] after sd.GetCertificates without checking the slice length. A CMS/PKCS7 signed message with...

CVSS 5.4 | EPSS 0.00028
Exploits: 0 | References: 1

CVE
added 2026/05/15 4:17 p.m. | 14 views

CVE-2026-44310

CVE-2026-44310 (gitsign) : In CertVerifier.Verify(), after GetCertificates(), the code dereferences certs[0] without validating the slice length. A CMS/PKCS7 message can have an empty certificate set, causing an index-out-of-range panic. When invoked via the gitsign --verify path (git verify-comm...

CVSS 5.4 | AI score 5.9 | EPSS 0.00028
Exploits: 0 | References: 1

IBM Security Bulletins
added 2026/05/12 6:56 a.m. | 8 views

Security Bulletin: Vulnerabilities in openssl affects IBM Netezza Appliance

Summary: The openssl package is used by IBM Netezza Appliance. IBM Netezza Appliance has addressed the applicable CVEs CVE-2026-22796, CVE-2026-22795, CVE-2025-69421, CVE-2025-69420, CVE-2025-69419, CVE-2025-69418, CVE-2025-68160, CVE-2025-66199, CVE-2025-15469, CVE-2025-15468, CVE-2025-15467,...

CVSS 8.8 | AI score 7.5 | EPSS 0.02889
Exploits: 7 | Affected Software: 1

AstraLinux
added 2026/05/03 11:59 p.m. | 2 views

Astra Linux - vulnerability in firefox, thunderbird, nss

After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have led to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

CVSS 6.5 | AI score 8.5 | EPSS 0.00335
Exploits: 0 | References: 2

OSV
added 2026/04/27 6:33 p.m. | 4 views

JLSEC-2026-233 openssl-src vulnerable to Use-after-free following `BIO_new_NDEF`

The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the...

CVSS 7.5 | AI score 7.1 | EPSS 0.0043
Exploits: 0 | References: 15

Positive Technologies
added 2026/04/22 12:00 a.m. | 2 views

PT-2026-35580

USN-8196-1 fixed vulnerabilities in strongSwan. This update provides the corresponding update to Ubuntu 26.04 LTS. Original advisory details: Haruto Kimura discovered that strongSwan incorrectly handled the supported versions extension in TLS. A remote attacker could possibly use this issue to...

AI score 5.9
Exploits: 6 | References: 14

Redos
added 2026/04/20 12:00 a.m. | 2 views

ROS-20260420-73-0015

A vulnerability in the PKCS7_digest_from_attributes function of the OpenSSL library is related to insufficient checking for unusual or exceptional states. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 5.3 | AI score 7.1 | EPSS 0.0052
Exploits: 1

Redos
added 2026/04/20 12:00 a.m. | 2 views

ROS-20260420-73-0014

A vulnerability in the PKCS7_digest_from_attributes function of the OpenSSL library is related to insufficient checking for unusual or exceptional states. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 5.3 | AI score 7.1 | EPSS 0.0052
Exploits: 1

OSV
added 2026/04/13 1:20 p.m. | 2 views

JLSEC-2026-87 NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures...

NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries...

CVSS 4.3 | AI score 6.1 | EPSS 0.00032
Exploits: 0 | References: 3

Amazon
added 2026/04/13 12:00 a.m. | 5 views

Important: amazon-efs-utils

Issue Overview: time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used...

CVSS 9.1 | AI score 5.8 | EPSS 0.00041
Exploits: 0

OSV
added 2026/04/10 4:17 a.m. | 1 view

UBUNTU-CVE-2026-5500

wolfSSL's wc_PKCS7_DecodeAuthEnvelopedData does not properly sanitize the AES-GCM authentication tag length received and has no lower bounds check. A man-in-the-middle can therefore truncate the mac field from 16 bytes to 1 byte, reducing the tag check from 2⁻¹²⁸ to 2⁻⁸...

CVSS 8.7 | AI score 5.8 | EPSS 0.00081
Exploits: 0 | References: 3

EUVD
added 2026/04/10 12:30 a.m. | 3 views

EUVD-2026-21229

Heap out-of-bounds read in PKCS7 parsing. A crafted PKCS7 message can trigger an OOB read on the heap. The missing bounds check is in the indefinite-length end-of-content verification loop in PKCS7_VerifySignedData...

CVSS 2.3 | AI score 5.9 | EPSS 0.00015
Exploits: 0 | References: 2

OSV
added 2026/04/10 12:16 a.m. | 1 view

DEBIAN-CVE-2026-5392

Heap out-of-bounds read in PKCS7 parsing. A crafted PKCS7 message can trigger an OOB read on the heap. The missing bounds check is in the indefinite-length end-of-content verification loop in PKCS7_VerifySignedData...

CVSS 5.4 | AI score 5.3 | EPSS 0.00015
Exploits: 0 | References: 1

OSV
added 2026/04/10 12:16 a.m. | 1 view

UBUNTU-CVE-2026-5392

Heap out-of-bounds read in PKCS7 parsing. A crafted PKCS7 message can trigger an OOB read on the heap. The missing bounds check is in the indefinite-length end-of-content verification loop in PKCS7_VerifySignedData...

CVSS 5.4 | AI score 5.8 | EPSS 0.00015
Exploits: 0 | References: 3

Snyk
added 2026/04/10 12:11 a.m. | 2 views

Out-of-bounds Read

Overview: Affected versions of this package are vulnerable to Out-of-bounds Read via the PKCS7_VerifySignedData process. An attacker can cause the application to read memory outside the bounds of a heap buffer by submitting a specially crafted PKCS7 message. Remediation: Upgrade wolfssl to version...

CVSS 5.4 | AI score 5.9 | EPSS 0.00015
Exploits: 0 | References: 2

Tenable Nessus
added 2026/04/10 12:00 a.m. | 0 views

Linux Distros Unpatched Vulnerability : CVE-2026-5392

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap out-of-bounds read in PKCS7 parsing. A crafted PKCS7 message can trigger an OOB read on the heap. The missing bounds check is in the indefinite-length...

CVSS 5.4 | AI score 5.8 | EPSS 0.00015
Exploits: 0 | References: 3

OSV
added 2026/04/09 11:17 p.m. | 1 view

DEBIAN-CVE-2026-5295

A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wc_PKCS7_DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo (ORI) recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...

CVSS 8 | AI score 5.7 | EPSS 0.00018
Exploits: 0 | References: 1