Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hv_exts.
When building the extension hash (via extensions(), extensionsbylongname(), extensionsbyoid(), or hasextensionoid()), the code passes OBJobj2txt()'s return value as the hash-key length; because that value is the OID's full text length rather than the bytes written to the fixed-size buffer (129 bytes), an OID whose text is longer than the 129-byte buffer causes a read past the allocation, exposing adjacent heap memory as the returned hash key. extensionsbyname() uses the static shortname path and is not affected.
{
"cwe_ids": [
"CWE-125"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/58xxx/CVE-2026-58102.json",
"cna_assigner": "CPANSec"
}