2 matches found
CVE-2017-8855
wolfSSL before 3.11.0 does not prevent wcDhAgree from accepting a malformed DH key...
CVE-2017-8855
CVE-2017-8855 affects wolfSSL before 3.11.0. The issue is that wc_DhAgree may accept a malformed DH key, exposing integrity (and potentially confidentiality) to compromise; CVSS vectors in public data show overall high impact. Remediation is to upgrade to wolfSSL 3.11.0 or later (e.g., 3.11.0-sta...