CVE-2014-2900

2014-04-22T10:23:36
ID CVE-2014-2900
Type cve
Reporter NVD
Modified 2017-06-30T21:29:06

Description

wolfSSL CyaSSL before 2.9.4 does not properly validate X.509 certificates with unknown critical extensions, which allows man-in-the-middle attackers to spoof servers via crafted X.509 certificate.