CVE-2021-41581

Name
CVE-2021-41581
Description
x509_constraints_parse_mailbox in lib/libcrypto/x509/x509_constraints.c in LibreSSL through 3.4.0 has a stack-based buffer over-read. When the input exceeds DOMAIN_PART_MAX_LEN, the buffer lacks '\0' termination.
NVD Severity
medium

References

| Type | URI |
| --- | --- |
| MISC | https://github.com/libressl-portable/openbsd/issues/126 |

Match rules

| CPE URI | Source package | Min version | Max version |
| --- | --- | --- | --- |
| `cpe:2.3:a:openbsd:libressl:*:*:*:*:*:*:*:*` | libressl | >= None | <= 3.4.0 |

Vulnerable and fixed packages

| Source package | Branch | Version | Maintainer | Status |
| --- | --- | --- | --- | --- |
| libressl | 3.14-community | 3.3.3-r0 | Orion <systmkor@gmail.com> | possibly vulnerable |
| libressl | 3.13-main | 3.1.5-r0 | Orion <systmkor@gmail.com> | possibly vulnerable |
| libressl | 3.12-main | 3.1.2-r0 | Orion <systmkor@gmail.com> | possibly vulnerable |
| libressl | 3.11-main | 3.0.2-r0 | Orion <systmkor@gmail.com> | possibly vulnerable |