x509constraintsparsemailbox in lib/libcrypto/x509/x509constraints.c in LibreSSL through 3.4.0 has a stack-based buffer over-read. When the input exceeds DOMAINPARTMAX_LEN, the buffer lacks '\0' termination.
{
"unresolved_ranges": [
{
"source": "CPE_RANGE",
"cpes": [
"cpe:2.3:a:openbsd:libressl:*:*:*:*:*:*:*:*"
],
"vendor_product": "openbsd:libressl",
"extracted_events": [
{
"last_affected": "3.4.0"
}
]
}
]
}