Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the wcPKCS7DecodeEnvelopedData function when processing a crafted CMS EnvelopedData message containing zero-length encrypted content. An attacker can cause a 1-byte out-of-bounds heap read by supplying such a...