Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wolfssl wolfssl vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2022-23408
wolfSSL 5.x prior to 5.1.1 uses non-random IV values in certain situations. This affects connections (without AEAD) using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in internal.c.
Wolfssl Wolfssl
9.8
CVSSv3
CVE-2017-2800
A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL up to and including 3.10.2 resulting in potential certificate validation vulnerabilities, denial of service and possible remote code execution. In order to trigger this vulnerability, ...
Wolfssl Wolfssl
1 EDB exploit
5.3
CVSSv3
CVE-2019-19960
In wolfSSL prior to 4.3.0, wc_ecc_mulmod_ex does not properly resist side-channel attacks.
Wolfssl Wolfssl
7.5
CVSSv3
CVE-2019-19962
wolfSSL prior to 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in RSA cryptography.
Wolfssl Wolfssl
2 Github repositories
5.3
CVSSv3
CVE-2019-19963
An issue exists in wolfSSL prior to 4.3.0 in a non-default configuration where DSA is enabled. DSA signing uses the BEEA algorithm during modular inversion of the nonce, leading to a side-channel attack against the nonce.
Wolfssl Wolfssl
9.8
CVSSv3
CVE-2019-6439
examples/benchmark/tls_bench.c in a benchmark tool in wolfSSL up to and including 3.15.7 has a heap-based buffer overflow.
Wolfssl Wolfssl
2 Github repositories
5.9
CVSSv3
CVE-2021-38597
wolfSSL prior to 4.8.1 incorrectly skips OCSP verification in certain situations of irrelevant response data that contains the NoCheck extension.
Wolfssl Wolfssl
9.8
CVSSv3
CVE-2021-37155
wolfSSL 4.6.x up to and including 4.7.x prior to 4.8.0 does not produce a failure outcome when the serial number in an OCSP request differs from the serial number in the OCSP response.
Wolfssl Wolfssl
1 Github repository
8.8
CVSSv3
CVE-2023-3724
If a TLS 1.3 client gets neither a PSK (pre shared key) extension nor a KSE (key share extension) when connecting to a malicious server, a default predictable buffer gets used for the IKM (Input Keying Material) value when generating the session master secret. Using a potentially...
Wolfssl Wolfssl
7.5
CVSSv3
CVE-2019-18840
In wolfSSL 4.1.0 up to and including 4.2.0c, there are missing sanity checks of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer overflow inside the DecodedCert structure in GetName in wolfcrypt/src/asn.c bec...
Wolfssl Wolfssl
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »