2 matches found
CVE-2026-58102
Crypt::OpenSSL::X509 for Perl prior to 2.1.3 is vulnerable to a heap out-of-bounds read in the hv_exts code path. When building the extension hash (via extensions(), extensions_by_long_name(), extensions_by_oid(), or has_extension_oid()), the code uses OBJ_obj2txt()’s return value as the hash-key...
CVE-2026-58101
CVE-2026-58101 affectsCrypt::OpenSSL::X509 on Perl up to version 2.1.3. The issue arises when parsing X509 extensions: X509V3_EXT_d2i(ext) may return NULL; subsequent dereferences of the result in basicC, ia5string, auth_att, and keyid_data occur without a NULL check. If an affected helper is inv...