Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wolfssl wolfssl vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2017-8854
wolfSSL prior to 3.10.2 has an out-of-bounds memory access with loading crafted DH parameters, aka a buffer overflow triggered by a malformed temporary DH file.
Wolfssl Wolfssl
5
CVSSv2
CVE-2015-6925
wolfSSL (formerly CyaSSL) prior to 3.6.8 allows remote malicious users to cause a denial of service (resource consumption or traffic amplification) via a crafted DTLS cookie in a ClientHello message.
Wolfssl Wolfssl
3 Github repositories
2.1
CVSSv2
CVE-2017-6076
In versions of wolfSSL prior to 3.10.2 the function fp_mul_comba makes it easier to extract RSA key information for a malicious user who has access to view cache on a machine.
Wolfssl Wolfssl
NA
CVE-2022-42905
In wolfSSL prior to 5.5.2, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS 1.3 client or network attacker can trigger a buffer over-read on the heap of 5 bytes. (WOLFSSL_CALLBACKS is only intended for debugging.)
Wolfssl Wolfssl
1 Github repository
4.3
CVSSv2
CVE-2014-2903
CyaSSL does not check the key usage extension in leaf certificates, which allows remote malicious users to spoof servers via a crafted server certificate not authorized for use in an SSL/TLS handshake.
Wolfssl Wolfssl
5
CVSSv2
CVE-2022-25640
In wolfSSL prior to 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual authentication. A client can simply omit the certificate_verify message from the handshake, and never present a certificate.
Wolfssl Wolfssl
1 Github repository
5
CVSSv2
CVE-2017-8855
wolfSSL prior to 3.11.0 does not prevent wc_DhAgree from accepting a malformed DH key.
Wolfssl Wolfssl
NA
CVE-2022-34293
wolfSSL prior to 5.4.0 allows remote malicious users to cause a denial of service via DTLS because a check for return-routability can be skipped.
Wolfssl Wolfssl
1 Github repository
5
CVSSv2
CVE-2020-12457
An issue exists in wolfSSL prior to 4.5.0. It mishandles the change_cipher_spec (CCS) message processing logic for TLS 1.3. If an attacker sends ChangeCipherSpec messages in a crafted way involving more than one in a row, the server becomes stuck in the ProcessReply() loop, i.e.,...
Wolfssl Wolfssl
7.5
CVSSv2
CVE-2021-37155
wolfSSL 4.6.x up to and including 4.7.x prior to 4.8.0 does not produce a failure outcome when the serial number in an OCSP request differs from the serial number in the OCSP response.
Wolfssl Wolfssl
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »