Filtered by vendor Wolfssl
Subscriptions
Filtered by product Wolfssl
Subscriptions
Total
51 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-18840 | 1 Wolfssl | 1 Wolfssl | 2019-11-12 | 7.5 High |
In wolfSSL 4.1.0 through 4.2.0c, there are missing sanity checks of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer overflow inside the DecodedCert structure in GetName in wolfcrypt/src/asn.c because the domain name location index is mishandled. Because a pointer is overwritten, there is an invalid free. | ||||
CVE-2019-13628 | 1 Wolfssl | 1 Wolfssl | 2019-10-10 | 4.7 Medium |
wolfSSL and wolfCrypt 4.0.0 and earlier (when configured without --enable-fpecc, --enable-sp, or --enable-sp-math) contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to precisely measure the duration of signature operations, to infer information about the nonces used and potentially mount a lattice attack to recover the private key used. The issue occurs because ecc.c scalar multiplication might leak the bit length. | ||||
CVE-2018-16870 | 1 Wolfssl | 1 Wolfssl | 2019-10-09 | N/A |
It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. This may lead to leakage of sensible data. | ||||
CVE-2017-13099 | 3 Arubanetworks, Siemens, Wolfssl | 4 Instant, Scalance W1750d, Scalance W1750d Firmware and 1 more | 2019-10-09 | N/A |
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT." | ||||
CVE-2019-16748 | 1 Wolfssl | 1 Wolfssl | 2019-09-24 | 9.8 Critical |
In wolfSSL through 4.1.0, there is a missing sanity check of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer over-read in CheckCertSignature_ex in wolfcrypt/src/asn.c. | ||||
CVE-2019-15651 | 1 Wolfssl | 1 Wolfssl | 2019-09-03 | N/A |
wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in DecodeCertExtensions in wolfcrypt/src/asn.c because reading the ASN_BOOLEAN byte is mishandled for a crafted DER certificate in GetLength_ex. | ||||
CVE-2017-6076 | 1 Wolfssl | 1 Wolfssl | 2019-03-13 | N/A |
In versions of wolfSSL before 3.10.2 the function fp_mul_comba makes it easier to extract RSA key information for a malicious user who has access to view cache on a machine. | ||||
CVE-2014-2903 | 1 Wolfssl | 1 Wolfssl | 2017-10-17 | N/A |
CyaSSL does not check the key usage extension in leaf certificates, which allows remote attackers to spoof servers via a crafted server certificate not authorized for use in an SSL/TLS handshake. | ||||
CVE-2016-7439 | 1 Wolfssl | 1 Wolfssl | 2016-12-24 | N/A |
The C software implementation of RSA in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences. | ||||
CVE-2016-7438 | 1 Wolfssl | 1 Wolfssl | 2016-12-24 | N/A |
The C software implementation of ECC in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences. | ||||
CVE-2015-6925 | 1 Wolfssl | 1 Wolfssl | 2016-01-25 | N/A |
wolfSSL (formerly CyaSSL) before 3.6.8 allows remote attackers to cause a denial of service (resource consumption or traffic amplification) via a crafted DTLS cookie in a ClientHello message. |