In PHP versions 8.2.* before 8.2.32, 8.3.* before 8.3.32, 8.4.* before 8.4.23, 8.5.* before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without accounting for RFC 5649 expansion. This may cause OpenSSL to write beyond allocated memory, corrupting heap metadata and triggering application abort.
Metrics
Affected Vendors & Products
References
History
Fri, 03 Jul 2026 22:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Php
Php php |
|
| Vendors & Products |
Php
Php php |
Fri, 03 Jul 2026 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In PHP versions 8.2.* before 8.2.32, 8.3.* before 8.3.32, 8.4.* before 8.4.23, 8.5.* before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without accounting for RFC 5649 expansion. This may cause OpenSSL to write beyond allocated memory, corrupting heap metadata and triggering application abort. | |
| Title | ext/openssl: Memory corruption in openssl_encrypt with AES-WRAP-PAD | |
| Weaknesses | CWE-122 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: php
Published:
Updated: 2026-07-03T20:59:02.604Z
Reserved: 2026-07-01T17:52:41.706Z
Link: CVE-2026-14355
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-03T22:30:06Z