CVE-2018-16149
axTLS vulnerability CVE-2018-16149 affects version 2.1.3 and earlier, where sig_verify() in x509.c blindly trusts ASN.1 declared lengths in PKCS#1 v1.5 signatures. When small public exponents are used, a remote attacker can create crafted signatures on X.509 certificates that trigger illegal memo...