Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wolfssl wolfssl vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2018-16870
It was found that wolfssl prior to 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. This may lead to leakage of sensible data.
Wolfssl Wolfssl
5.3
CVSSv3
CVE-2019-14317
wolfSSL and wolfCrypt 4.1.0 and previous versions (formerly known as CyaSSL) generate biased DSA nonces. This allows a remote malicious user to compute the long term private key from several hundred DSA signatures via a lattice attack. The issue occurs because dsa.c fixes two bit...
Wolfssl Wolfssl
5.9
CVSSv3
CVE-2021-38597
wolfSSL prior to 4.8.1 incorrectly skips OCSP verification in certain situations of irrelevant response data that contains the NoCheck extension.
Wolfssl Wolfssl
6.8
CVSSv3
CVE-2020-24613
wolfSSL prior to 4.5.0 mishandles TLS 1.3 server data in the WAIT_CERT_CR state, within SanityCheckTls13MsgReceived() in tls13.c. This is an incorrect implementation of the TLS 1.3 client state machine. This allows attackers in a privileged network position to completely imperson...
Wolfssl Wolfssl
7.5
CVSSv3
CVE-2022-39173
In wolfSSL prior to 5.5.1, malicious clients can cause a buffer overflow during a TLS 1.3 handshake. This occurs when an attacker supposedly resumes a previous TLS session. During the resumption Client Hello a Hello Retry Request must be triggered. Both Client Hellos are required...
Wolfssl Wolfssl
9.8
CVSSv3
CVE-2021-37155
wolfSSL 4.6.x up to and including 4.7.x prior to 4.8.0 does not produce a failure outcome when the serial number in an OCSP request differs from the serial number in the OCSP response.
Wolfssl Wolfssl
1 Github repository
9.8
CVSSv3
CVE-2017-2800
A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL up to and including 3.10.2 resulting in potential certificate validation vulnerabilities, denial of service and possible remote code execution. In order to trigger this vulnerability, ...
Wolfssl Wolfssl
1 EDB exploit
4.9
CVSSv3
CVE-2021-24116
In wolfSSL up to and including 4.6.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) malicious users to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environm...
Wolfssl Wolfssl
6.5
CVSSv3
CVE-2022-25638
In wolfSSL prior to 5.2.0, certificate validation may be bypassed during attempted authentication by a TLS 1.3 client to a TLS 1.3 server. This occurs when the sig_algo field differs between the certificate_verify message and the certificate message.
Wolfssl Wolfssl
7.5
CVSSv3
CVE-2022-25640
In wolfSSL prior to 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual authentication. A client can simply omit the certificate_verify message from the handshake, and never present a certificate.
Wolfssl Wolfssl
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »