Search CVE reports
171 – 180 of 29718 results
Integer underflow in wc_PKCS7_DecryptOri when handling crafted Other Recipient Info, leading to incorrect length handling during decryption.
1 affected package
wolfssl
| Package | 26.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
A CRL critical extension bypass exists in ParseCRL_Extensions where critical extensions are not properly enforced, allowing a crafted CRL with an unhandled critical extension to be accepted. This only affects builds with CRL...
1 affected package
wolfssl
| Package | 26.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing.
1 affected package
wolfssl
| Package | 26.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 (released in 5.9.1): a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path...
1 affected package
wolfssl
| Package | 26.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present, but chain-supplied temporary...
1 affected package
wolfssl
| Package | 26.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
Un-negotiated Raw Public Key (RFC 7250) accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative() accepts it without performing any trust verification; it must...
1 affected package
wolfssl
| Package | 26.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsip_StoreMessage() the capacity check guarding the fixed message bag (MSGBAG_SIZE) sets an error code but fails to return, so execution falls through to an...
1 affected package
wolfssl
| Package | 26.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause unbounded memory consumption.
1 affected package
golang-golang-x-image
| Package | 26.04 LTS |
|---|---|
| golang-golang-x-image | Needs evaluation |
The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size.
1 affected package
golang-golang-x-image
| Package | 26.04 LTS |
|---|---|
| golang-golang-x-image | Needs evaluation |
Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier computation reads the trailing 65 bytes of the public key without checking...
1 affected package
wolfssl
| Package | 26.04 LTS |
|---|---|
| wolfssl | Needs evaluation |