2 matches found
CVE-2014-2903
CVE-2014-2903 affects CyaSSL (WolfSSL) and related builds; the root cause is that key usage extension checking in leaf certificates is not performed, allowing a remote attacker to spoof a server with a certificate not authorized for SSL/TLS handshakes. The connected records corroborate the issue ...
CVE-2014-2903
CyaSSL does not check the key usage extension in leaf certificates, which allows remote attackers to spoof servers via a crafted server certificate not authorized for use in an SSL/TLS handshake...