13 matches found
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...
CVE-2026-6678
Integer underflow in wcPKCS7DecryptOri when handling crafted Other Recipient Info, leading to incorrect length handling during decryption...
PT-2026-52586
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An integer underflow occurs in the wc PKCS7 DecryptOri function when processing specially crafted Other Recipient Info. This leads to incorrect length handling...
CVE-2026-5295
A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...
Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo
...
CVE-2026-5295
A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...
DEBIAN-CVE-2026-5295
A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...
CVE-2026-5295
The CVE describes a stack buffer overflow in wolfSSL’s PKCS7 code (wc_PKCS7_DecryptOri() in wolfcrypt/src/pkcs7.c) when handling CMS EnvelopedData with an OtherRecipientInfo (ORI) recipient. A parsed OID longer than 32 bytes is copied into a fixed 32-byte stack buffer (oriOID[MAX_OID_SZ]) without...
wolfSSL 安全漏洞
wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the US company wolfSSL, designed for developers working with embedded systems. There is a security vulnerability in wolfSSL, which stems from the PKCS7 implementation in the wcPKCS7DecryptOri function. This...
UBUNTU-CVE-2026-28389
Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denial of...
CVE-2020-23447
newbee-mall 1.0 is affected by cross-site scripting in shop-cart/settle. Users only need to write xss payload in their address information when buying goods, which is triggered when viewing the "View Recipient Information" of this order in "Order Management Office"...
CVE-2020-23447
newbee-mall 1.0 is affected by cross-site scripting in shop-cart/settle. Users only need to write xss payload in their address information when buying goods, which is triggered when viewing the "View Recipient Information" of this order in "Order Management Office"...
newbee-mall 跨站脚本漏洞
newbee-mall is an e-commerce system. A cross-site scripting vulnerability exists in newbee-mall 1.0, where a user only needs to write an xss payload in the address information when purchasing a product, and the vulnerability is triggered when viewing the "View Recipient Information" of the order ...