Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Wolfssl
(Wolfssl)Repositories | https://github.com/wolfSSL/wolfssl |
#Vulnerabilities | 51 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-09-02 | CVE-2021-44718 | wolfSSL through 5.0.0 allows an attacker to cause a denial of service and infinite loop in the client component by sending crafted traffic from a Machine-in-the-Middle (MITM) position. The root cause is that the client module accepts TLS messages that normally are only sent to TLS servers. | Wolfssl | 5.9 | ||
2016-01-22 | CVE-2015-7744 | wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle faults associated with the Chinese Remainder Theorem (CRT) process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote attackers to obtain private RSA keys by capturing TLS handshakes, aka a Lenstra attack. | Mariadb, Leap, Opensuse, Wolfssl | 5.9 | ||
2022-08-08 | CVE-2022-34293 | wolfSSL before 5.4.0 allows remote attackers to cause a denial of service via DTLS because a check for return-routability can be skipped. | Wolfssl | 7.5 | ||
2019-05-23 | CVE-2019-11873 | wolfSSL 4.0.0 has a Buffer Overflow in DoPreSharedKeys in tls13.c when a current identity size is greater than a client identity size. An attacker sends a crafted hello client packet over the network to a TLSv1.3 wolfSSL server. The length fields of the packet: record length, client hello length, total extensions length, PSK extension length, total identity length, and identity length contain their maximum value which is 2^16. The identity data field of the PSK extension of the packet... | Wolfssl | 9.8 | ||
2022-02-24 | CVE-2022-25638 | In wolfSSL before 5.2.0, certificate validation may be bypassed during attempted authentication by a TLS 1.3 client to a TLS 1.3 server. This occurs when the sig_algo field differs between the certificate_verify message and the certificate message. | Wolfssl | 6.5 | ||
2022-01-18 | CVE-2022-23408 | wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections (without AEAD) using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in internal.c. | Wolfssl | 9.1 | ||
2020-04-12 | CVE-2020-11713 | wolfSSL 4.3.0 has mulmod code in wc_ecc_mulmod_ex in ecc.c that does not properly resist timing side-channel attacks. | Wolfssl | 7.5 | ||
2021-08-12 | CVE-2021-38597 | wolfSSL before 4.8.1 incorrectly skips OCSP verification in certain situations of irrelevant response data that contains the NoCheck extension. | Wolfssl | 5.9 | ||
2021-07-21 | CVE-2021-37155 | wolfSSL 4.6.x through 4.7.x before 4.8.0 does not produce a failure outcome when the serial number in an OCSP request differs from the serial number in the OCSP response. | Wolfssl | 9.8 | ||
2019-12-11 | CVE-2019-14317 | wolfSSL and wolfCrypt 4.1.0 and earlier (formerly known as CyaSSL) generate biased DSA nonces. This allows a remote attacker to compute the long term private key from several hundred DSA signatures via a lattice attack. The issue occurs because dsa.c fixes two bits of the generated nonces. | Wolfssl | 5.3 |