2 matches found
openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap
A flaw was found in the OpenSSL CMS implementation RFC 3211 KEK Unwrap. This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption PWRI...
CVE-2022-31741
The Mozilla Foundation Security Advisory describes this flaw as: A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption...