CVE-2021-41581: Out-of-bounds Read

September 24, 2021 (updated September 29, 2021)

x509_constraints_parse_mailbox in lib/libcrypto/x509/x509_constraints.c in LibreSSL has a stack-based buffer over-read. When the input exceeds DOMAIN_PART_MAX_LEN, the buffer lacks \0 termination.

References

github.com/libressl-portable/openbsd/issues/126
nvd.nist.gov/vuln/detail/CVE-2021-41581

Code Behaviors & Features

Detect and mitigate CVE-2021-41581 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →