Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2025/05/22 10:10 p.m.8 views

CVE-2022-39173

In wolfSSL before 5.5.1, malicious clients can cause a buffer overflow during a TLS 1.3 handshake. This occurs when an attacker supposedly resumes a previous TLS session. During the resumption Client Hello a Hello Retry Request must be triggered. Both Client Hellos are required to contain a list ...

7.5CVSS7.3AI score0.04343EPSS
Exploits2References1
packetstorm
packetstorm
added 2022/10/31 12:0 a.m.287 views

wolfSSL Buffer Overflow

wolfssl before 5.5.1: CVE-2022-39173 Buffer overflow when refining cipher suites ================================================================================== INFO ======= The CVE project has assigned the id CVE-2022-39173 to this issue. Severity: high 7.5 Affected version: before 5.5.1 End ...

7.5CVSS0.4AI score0.04343EPSS
Exploits2
openwrt
openwrt
added 2022/10/04 12:0 a.m.97 views

Security Advisory 2022-10-04-1 - wolfSSL buffer overflow during a TLS 1.3 handshake (CVE-2022-39173)

DESCRIPTION In wolfSSL before 5.5.1, malicious clients can cause a buffer overflow on server during a TLS 1.3 handshake. This occurs when an attacker supposedly resumes a previous TLS session. During the resumption Client Hello a Hello Retry Request must be triggered. Both Client Hellos are...

7.5CVSS7.7AI score0.04343EPSS
Exploits2
cve
cve
added 2022/09/29 12:0 a.m.100 views

CVE-2022-39173

CVE-2022-39173 affects wolfSSL prior to 5.5.1. The issue arises during a TLS 1.3 handshake when a resumed session is abused: a malicious client triggers a Hello Retry Request, and two Client Hello messages are exchanged, each listing duplicate cipher suites, causing a buffer overflow in the wolfS...

7.5CVSS7.5AI score0.04343EPSS
Exploits2References5Affected Software1
vulnrichment
vulnrichment
added 2022/09/29 12:0 a.m.6 views

CVE-2022-39173

In wolfSSL before 5.5.1, malicious clients can cause a buffer overflow during a TLS 1.3 handshake. This occurs when an attacker supposedly resumes a previous TLS session. During the resumption Client Hello a Hello Retry Request must be triggered. Both Client Hellos are required to contain a list ...

7.7AI score0.04343EPSS
Exploits2References5
ubuntucve
ubuntucve
added 2022/09/29 12:0 a.m.22 views

CVE-2022-39173

In wolfSSL before 5.5.1, malicious clients can cause a buffer overflow during a TLS 1.3 handshake. This occurs when an attacker supposedly resumes a previous TLS session. During the resumption Client Hello a Hello Retry Request must be triggered. Both Client Hellos are required to contain a list ...

7.5CVSS7.4AI score0.04343EPSS
Exploits2References3
Rows per page
Query Builder