wolfSSL CyaSSL before 2.9.4 does not properly validate X.509 certificates with unknown critical extensions, which allows man-in-the-middle attackers to spoof servers via crafted X.509 certificate.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2014-04-22T14:00:00
Updated: 2017-06-30T16:57:01
Reserved: 2014-04-18T00:00:00
Link: CVE-2014-2900
JSON object: View
NVD Information
Status : Modified
Published: 2014-04-22T14:23:36.317
Modified: 2017-07-01T01:29:06.030
Link: CVE-2014-2900
JSON object: View
Redhat Information
No data.
CWE