← voltar
CVE-2026-5393

OOB Read in DoTls13CertificateVerify with WOLFSSL_DUAL_ALG_CERTS

CVSS 6.3 MEDIUMEPSS 0.2%CWE-125
Dual-Algorithm CertificateVerify out-of-bounds read. When processing a dual-algorithm CertificateVerify message, an out-of-bounds read can occur on crafted input. This can only occur when --enable-experimental and --enable-dual-alg-certs is used when building wolfSSL.
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
Produtos afetados
wolfSSL · wolfSSL

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/wolfSSL/wolfssl/pull/10079