An integer overflow vulnerability existed in the static...
Low severity
Unreviewed
Published
Mar 19, 2026
to the GitHub Advisory Database
•
Updated Mar 26, 2026
Description
Published by the National Vulnerability Database
Mar 19, 2026
Published to the GitHub Advisory Database
Mar 19, 2026
Last updated
Mar 26, 2026
An integer overflow vulnerability existed in the static function wolfssl_add_to_chain, that caused heap corruption when certificate data was written out of bounds of an insufficiently sized certificate buffer. wolfssl_add_to_chain is called by these API: wolfSSL_CTX_add_extra_chain_cert, wolfSSL_CTX_add1_chain_cert, wolfSSL_add0_chain_cert. These API are enabled for 3rd party compatibility features: enable-opensslall, enable-opensslextra, enable-lighty, enable-stunnel, enable-nginx, enable-haproxy. This issue is not remotely exploitable, and would require that the application context loading certificates is compromised.
References