{"@context":"https://openvex.dev/ns/v0.2.0","@id":"https://database.harborguard.co/cve/CVE-2026-34180/vex.json","author":"HarborGuard Database","role":"Document Creator","timestamp":"2026-06-10T07:47:52.427Z","version":1,"tooling":"HarborGuard Database (https://database.harborguard.co)","statements":[{"vulnerability":{"name":"CVE-2026-34180","@id":"https://www.cve.org/CVERecord?id=CVE-2026-34180","description":"Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive\nelement whose content exceeds 2 gigabytes in length may cause a heap buffer\nover-read on 64-bit Unix and Unix-like platforms.\n\nImpact summary: The heap buffer over-read may crash the application (Denial of\nService) or to load into the decoded ASN.1 object contents of memory beyond the\nend of the input buffer.  More typically such ASN.1 elements would instead be\ntruncated.\n\nAn integer truncation in OpenSSL's ASN.1 decod"},"products":[{"@id":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*"}}],"status":"affected","action_statement":"Update to a fixed version: 1.0.2zq, 1.1.1zh, 3.0.21, 3.4.6, 3.5.7, 3.6.3, 4.0.1.","timestamp":"2026-06-10T07:47:52.427Z"}]}