CVE-2020-24585 (NVD)

2020-08-21

An issue was discovered in the DTLS handshake implementation in wolfSSL before 4.5.0. Clear DTLS application_data messages in epoch 0 do not produce an out-of-order error. Instead, these messages are returned to the application.

Products Wolfssl
Type ? (NVD-CWE-noinfo)
First patch - None (likely due to unavailable code)
Links https://github.com/wolfSSL/wolfssl/pull/3219
https://github.com/wolfSSL/wolfssl/releases/tag/v4.5.0-stable