CVE-2026-21899

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, in base64urlDecode, padding-stripping...

CVE-2026-21899

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, in base64urlDecode, padding-stripping...

CVE-2026-21899

CVE-2026-21899 affects CryptoLib (SDLS-EP) used with cFS ground stations. Prior to v1.4.3, base64urlDecode dereferences input[inputLen-1] before validating inputLen or NULL input, causing an out-of-bounds read at input[-1] when inputLen==0 and potentially a NULL dereference if input==NULL and inp...

CVE-2026-21899 CryptoLib has an out-of-bounds read and crash vulnerability when decoding an empty Base64url string

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, in base64urlDecode, padding-stripping...

CVE-2026-21899 CryptoLib has an out-of-bounds read and crash vulnerability when decoding an empty Base64url string

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, in base64urlDecode, padding-stripping...