3 matches found
CVE-2025-11933
Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on multiple platforms allows a remote unauthenticated attacker to potentially cause a denial-of-service via a crafted ClientHello message with duplicate CKS extensions...
PT-2025-47810
Name of the Vulnerable Software and Affected Versions wolfSSL versions 5.8.2 and earlier Description A flaw exists in the processing of TLS 1.3 CKS extensions within wolfSSL. This improper input validation can be triggered by a specially crafted ClientHello message containing duplicate CKS...
A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.
...