CVE-2026-21899 CryptoLib has an out-of-bounds read and crash vulnerability when decoding an empty Base64url string

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, in base64urlDecode, padding-stripping...

The vulnerability of the mbedtls_lms_verify() function in Mbed TLS software allows a hacker to bypass existing security restrictions.

The vulnerability of the mbedtlslmsverify function in Mbed TLS is related to the absence of a necessary encryption step. Exploiting this vulnerability could allow attackers to circumvent existing security restrictions...

CryptoLib 安全漏洞

CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A security vulnerability exists in CryptoLib 1.3.3 and earlier versions, which stems from a memory leak in the cryptohandleincrementingnontransmittedcount...

CVE-2023-50980

gf2n.cpp in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service application crash via DER public-key data for an F2^m curve, if the degree of each term in the polynomial is not strictly decreasing...