Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2026/06/13 2:17 a.m.11 views

SUSE CVE-2026-45447

Issue summary: A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote code execution. When processing a PKCS7 or S/MIME signed...

7.5CVSS5.7AI score0.02719EPSS
Exploits0References29
RedHat Linux
RedHat Linux
added 2026/06/11 1:9 p.m.11 views

openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

A flaw was found in OpenSSL. When processing a specially crafted PKCS7 or S/MIME Secure/Multipurpose Internet Mail Extensions signed message, a heap use-after-free vulnerability in the PKCS7verify function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an emp...

8.8CVSS5.9AI score0.02719EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/09 6:32 p.m.6 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in PKCS7verify. An attacker supplying a PKCS7 or S/MIME signed message whose SignedData digestAlgorithms field is an empty ASN.1 SET can cause a caller-owned BIO to be freed during verification. A subsequent use of that B...

8.8CVSS6.2AI score0.02719EPSS
Exploits0References2
OSV
OSV
added 2026/06/09 5:17 p.m.5 views

ALPINE-CVE-2026-45447

Issue summary: A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote code execution. When processing a PKCS7 or S/MIME signed...

8.8CVSS5.9AI score0.02719EPSS
Exploits0References1
Rows per page
Query Builder