VulnerableCode Package Details - pkg:apk/alpine/wolfssl@5.7.2-r0?arch=aarch64&distroversion=v3.21&reponame=community

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:apk/alpine/wolfssl@5.7.2-r0?arch=aarch64&distroversion=v3.21&reponame=community

purl	pkg:apk/alpine/wolfssl@5.7.2-r0?arch=aarch64&distroversion=v3.21&reponame=community

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-1u3q-52yd-1bhe	In function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically, the function X509_check_host() takes in a pointer and length to check against, with no requirements that it be NULL terminated. If a caller was attempting to do a name check on a non-NULL terminated buffer, the code would read beyond the bounds of the input array until it found a NULL terminator.This issue affects wolfSSL: through 5.7.0.	CVE-2024-5991

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T19:07:44.527229+00:00	Alpine Linux Importer	Fixing	VCID-1u3q-52yd-1bhe	https://secdb.alpinelinux.org/v3.21/community.json	38.0.0