Kunyuk

**Name of the Vulnerable Software and Affected Versions** wolfssl (affected versions not specified) **Description** An integer overflow issue was identified in the `wolfssl add to chain` function, leading to heap corruption when certificate data exceeded the bounds of the certificate buffer. The function is utilized by the following API endpoints: `wolfSSL CTX add extra chain cert`, `wolfSSL CTX add1 chain cert`, and `wolfSSL add0 chain cert`. This issue is not remotely exploitable and requires a compromise of the application context loading certificates. The issue is triggered when using 3rd party compatibility features: `enable-opensslall`, `enable-opensslextra`, `enable-lighty`, `enable-stunnel`, `enable-nginx`, and `enable-haproxy`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.