← back
CVE-2019-10914

CVE-2019-10914

EPSS 1.4%
pubRsaDecryptSignedElementExt in MatrixSSL 4.0.1 Open, as used in Inside Secure TLS Toolkit, has a stack-based buffer overflow during X.509 certificate verification because of missing validation in psRsaDecryptPubExt in crypto/pubkey/rsa_pub.c.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugs.chromium.org/p/project-zero/issues/detail?id=1785https://github.com/matrixssl/matrixssl/issues/26https://github.com/matrixssl/matrixssl/releases/tag/4-0-2-openhttps://www.openwall.com/lists/oss-security/2019/02/15/1