VYPR

Crypt Openssl X509

by RubyGems

CVEs (2)

  • CVE-2026-58102Jul 14, 2026
    risk 0.00cvss epss

    Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hv_exts. When building the extension hash (via extensions(), extensions_by_long_name(), extensions_by_oid(), or has_extension_oid()), the code passes…

  • CVE-2026-58101Jul 14, 2026
    risk 0.00cvss epss

    Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3_EXT_d2i(ext) returns NULL when an extension's DER value fails to parse. basicC, ia5string, and auth_att dereference its result without a NULL check. keyid_data also…