CVE-2026-4159 in wolfSSLИнформация

Сводка

по MITRE • 20.03.2026

1-byte OOB heap read in wc_PKCS7_DecodeEnvelopedData via zero-length encrypted content. A vulnerability existed in wolfSSL 5.8.4 and earlier, where a 1-byte out-of-bounds heap read in wc_PKCS7_DecodeEnvelopedData could be triggered by a crafted CMS EnvelopedData message with zero-length encrypted content. Note that PKCS7 support is disabled by default.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Источники