Lucene search
K

4 matches found

Snyk
Snyk
added 2024/02/20 10:45 p.m.3 views

Buffer Over-read

Overview Affected versions of this package are vulnerable to Buffer Over-read when callback functions are enabled through the optional WOLFSSLCALLBACKS flag. An attacker can read 5 bytes from the heap via malicious TLS 1.3 connection. Remediation Upgrade wolfssl to version 5.6.6 or higher...

9.1CVSS7AI score0.006EPSS
Exploits0References2
OSV
OSV
added 2024/02/20 10:15 p.m.2 views

UBUNTU-CVE-2023-6936

In wolfSSL prior to 5.6.6, if callback functions are enabled via the WOLFSSLCALLBACKS flag, then a malicious TLS client or network attacker can trigger a buffer over-read on the heap of 5 bytes WOLFSSLCALLBACKS is only intended for debugging...

9.1CVSS6AI score0.006EPSS
Exploits0References3
Snyk
Snyk
added 2022/11/07 9:40 a.m.3 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow if callback functions are enabled via the WOLFSSLCALLBACKS flag. A malicious TLS 1.3 client or network attacker can trigger a buffer over-read on the heap of 5 bytes. Note: WOLFSSLCALLBACKS is only intended fo...

9.1CVSS9.1AI score0.01959EPSS
Exploits2References2
OSV
OSV
added 2022/11/07 12:15 a.m.3 views

DEBIAN-CVE-2022-42905

In wolfSSL before 5.5.2, if callback functions are enabled via the WOLFSSLCALLBACKS flag, then a malicious TLS 1.3 client or network attacker can trigger a buffer over-read on the heap of 5 bytes. WOLFSSLCALLBACKS is only intended for debugging...

9.1CVSS8.7AI score0.01959EPSS
Exploits2References1
Rows per page
Query Builder