Severity: Unknown
Affected Package: openssl
Summary: ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function
The issues include improper/missing validation, NULL pointer dereferences, out-of-bounds writes, incorrect data exposure, input truncation, excessive memory allocation, and a stack buffer overflow. Security impact can be a minimal information disclosure to a potential remote code execution. See the OpenSSL advisory for specific details.
No specific recommendations provided.
Aliases: CVE-2026-22796
Published: March 16, 2026
Last Modified: March 16, 2026