5 matches found
EUVD-2026-13137
A heap-buffer-overflow vulnerability exists in wolfSSL's wolfSSL_d2i_SSL_SESSION function. When deserializing session data with SESSION_CERTS enabled, certificate and session id lengths are read from an untrusted input without bounds validation, allowing an attacker to overflow fixed-size buffers and...
UBUNTU-CVE-2026-2646
A heap-buffer-overflow vulnerability exists in wolfSSL's wolfSSL_d2i_SSL_SESSION function. When deserializing session data with SESSION_CERTS enabled, certificate and session id lengths are read from an untrusted input without bounds validation, allowing an attacker to overflow fixed-size buffers and...
CVE-2026-2646
CVE-2026-2646 involves a heap-buffer-overflow in wolfSSL_d2i_SSL_SESSION() when deserializing session data with SESSION_CERTS enabled. The issue stems from reading certificate and session-id lengths from untrusted input without bounds checks, which can overflow fixed-size buffers and corrupt heap...
CVE-2026-2646 Heap buffer overflow in session parsing with wolfSSL_d2i_SSL_SESSION() function
A heap-buffer-overflow vulnerability exists in wolfSSL's wolfSSL_d2i_SSL_SESSION function. When deserializing session data with SESSION_CERTS enabled, certificate and session id lengths are read from an untrusted input without bounds validation, allowing an attacker to overflow fixed-size buffers and...
wolfSSL Security Vulnerability
wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the US-based wolfSSL company, designed for developers working with embedded systems. There is a security vulnerability in wolfSSL, which stems from a heap buffer overflow in the wolfSSL_d2i_SSL_SESSION function. When...