JLSEC-2026-724

Source
https://github.com/JuliaLang/SecurityAdvisories.jl/blob/main/advisories/published/2026/JLSEC-2026-724.md
Import Source
https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-724.json
JSON Data
https://api.osv.dev/v1/vulns/JLSEC-2026-724
Upstream
  • EUVD-2026-21233
  • GHSA-5jqq-xpcr-q3r7
Published
2026-07-14T21:41:35.775Z
Modified
2026-07-14T21:50:12.241371164Z
Severity
  • 2.3 (Low) CVSS_V4 - CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/U:Green CVSS Calculator
Summary
X.509 date buffer overflow in wolfSSL_X509_notAfter / wolfSSL_X509_notBefore. A buffer overflow...
Details

X.509 date buffer overflow in wolfSSLX509notAfter / wolfSSLX509notBefore. A buffer overflow may occur when parsing date fields from a crafted X.509 certificate via the compatibility layer API. This is only triggered when calling these two APIs directly from an application, and does not affect TLS or certificate verify operations in wolfSSL.

Database specific
{
    "sources": [
        {
            "id": "CVE-2026-5448",
            "database_specific": {
                "status": "Analyzed"
            },
            "imported": "2026-07-14T21:22:49.329Z",
            "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-5448",
            "modified": "2026-06-17T10:59:02.840Z",
            "html_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5448",
            "published": "2026-04-10T00:16:35.890Z"
        },
        {
            "id": "GHSA-5jqq-xpcr-q3r7",
            "imported": "2026-07-14T21:22:57.313Z",
            "url": "https://api.github.com/advisories/GHSA-5jqq-xpcr-q3r7",
            "modified": "2026-04-29T15:30:36Z",
            "html_url": "https://github.com/advisories/GHSA-5jqq-xpcr-q3r7",
            "published": "2026-04-10T00:30:31Z"
        },
        {
            "id": "EUVD-2026-21233",
            "imported": "2026-07-14T21:22:51.705Z",
            "url": "https://euvdservices.enisa.europa.eu/api/enisaid?id=EUVD-2026-21233",
            "modified": "2026-04-10T13:51:56Z",
            "html_url": "https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-21233",
            "published": "2026-04-09T23:18:15Z"
        }
    ],
    "license": "CC-BY-4.0"
}
References

Affected packages

Julia / wolfSSL_jll

Package

Name
wolfSSL_jll
Purl
pkg:julia/wolfSSL_jll?uuid=98c43586-9870-5ae5-ab22-acc77b9bbdb5

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.9.2+0

Database specific

source
"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-724.json"