3 matches found
CVE-2022-39368 Californium Failing DTLS handshakes causes Data Loss due to throttling blocking processing of records
Eclipse Californium is a Java implementation of RFC7252 - Constrained Application Protocol for IoT Cloud services. In versions prior to 3.7.0, and 2.7.4, Californium is vulnerable to a Denial of Service. Failing handshakes don't cleanup counters for throttling, causing the threshold to be reached...
PT-2022-24935 · Eclipse · Eclipse Californium
Name of the Vulnerable Software and Affected Versions: Eclipse Californium versions prior to 3.7.0 Eclipse Californium versions prior to 2.7.4 Description: Eclipse Californium, a Java implementation of RFC7252 - Constrained Application Protocol for IoT Cloud services, is vulnerable to a Denial of...
californium-core: DTLS - DoS vulnerability for certificate based handshakes
A flaw was found in californium. The certificate based x509 and RPK DTLS handshakes fails due to the DTLS server side being set to a wrong internal state by a previous certificate based DTLS handshake failure with TLS parameter mismatch. The highest threat from this vulnerability is to system...