2 matches found
AZL-76161 CVE-2026-22796 affecting package hvloader for versions less than 1.0.1-18
Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS7 data where an ASN1TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing malformed PKCS7 data. Impact summary: An application...
AZL-47703 CVE-2024-28960 affecting package hvloader for versions less than 1.0.1-6
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory...