44 matches found
CVE-2026-28389 Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo
Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denial of...
CVE-2026-28389 Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo
Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denial of...
CVE-2026-28390
Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denia...
PT-2026-31039
Name of the Vulnerable Software and Affected Versions OpenSSL versions 3.0 through 3.6 Description Processing a specially crafted CMS EnvelopedData message with KeyTransportRecipientInfo can lead to a NULL pointer dereference. This can cause applications that process attacker-controlled CMS data ...