Lucene search

K

Tinydtls Security Vulnerabilities

cve
cve

CVE-2021-42145

An assertion failure discovered in in check_certificate_request() in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers to cause a denial of...

7.5CVSS

7.3AI Score

0.0005EPSS

2024-01-24 07:15 PM
10
cve
cve

CVE-2021-42147

Buffer over-read vulnerability in the dtls_sha256_update function in Contiki-NG tinyDTLS through master branch 53a0d97 allows remote attackers to cause a denial of service via crafted data...

9.1CVSS

8.7AI Score

0.001EPSS

2024-01-24 07:15 PM
12
cve
cve

CVE-2021-42146

An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers allow remote attackers to reuse the same epoch number within two times the TCP maximum segment lifetime, which is prohibited in RFC6347. This vulnerability allows remote attackers to obtain sensitive...

7.5CVSS

7.4AI Score

0.001EPSS

2024-01-24 07:15 PM
12
cve
cve

CVE-2021-42143

An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. An infinite loop bug exists during the handling of a ClientHello handshake message. This bug allows remote attackers to cause a denial of service by sending a malformed ClientHello handshake message with an odd length of....

9.1CVSS

9AI Score

0.001EPSS

2024-01-24 06:15 PM
7
cve
cve

CVE-2021-42144

Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers obtain sensitive information via crafted input to...

9.8CVSS

8.9AI Score

0.001EPSS

2024-01-24 06:15 PM
4
cve
cve

CVE-2021-42142

An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers mishandle the early use of a large epoch number. This vulnerability allows remote attackers to cause a denial of service and false-positive packet...

9.8CVSS

8.9AI Score

0.001EPSS

2024-01-23 10:15 PM
17
cve
cve

CVE-2021-42141

An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. One incorrect handshake could complete with different epoch numbers in the packets Client_Hello, Client_key_exchange, and Change_cipher_spec, which may cause denial of...

9.8CVSS

9.1AI Score

0.001EPSS

2024-01-22 11:15 PM
9
cve
cve

CVE-2021-34430

Eclipse TinyDTLS through 0.9-rc1 relies on the rand function in the C library, which makes it easier for remote attackers to compute the master key and then decrypt DTLS...

7.5CVSS

7.5AI Score

0.008EPSS

2021-07-08 03:15 AM
52
1
cve
cve

CVE-2017-7243

Eclipse tinydtls 0.8.2 for Eclipse IoT allows remote attackers to cause a denial of service (DTLS peer crash) by sending a "Change cipher spec" packet without...

7.5CVSS

7.4AI Score

0.005EPSS

2017-03-24 03:59 PM
22