Note:
This project will be discontinued after December 13, 2021. [more]
2019-12-25
wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in RSA cryptography.
Products | Wolfssl |
Type | Use of a Broken or Risky Cryptographic Algorithm (CWE-327) |
First patch | - None (likely due to unavailable code) |
Patches | https://github.com/wolfSSL/wolfssl/commit/23878512c65834d12811b1107d19a001478eca5d |
Links | https://github.com/wolfSSL/wolfssl/releases/tag/v4.3.0-stable |