CVE-2022-23408
CVE-2022-23408 affects wolfSSL 5.x before 5.1.1, where non-random IV values are used in certain situations. The vulnerability arises from misplaced memory initialization in BuildMessage in internal.c, impacting connections that do not use AEAD and rely on AES-CBC or DES3 with TLS 1.1/1.2 or DTLS ...