The vulnerability of the SSL/TLS SSLWolf library, related to information disclosure due to incompatibilities, allows attackers to gain access to confidential data.

The vulnerability of the SSL/TLS library WolfSSL is related to the use of Base64 decoding functions with non-persistent execution time. Exploiting this vulnerability allows a remote attacker to gain access to confidential data...

httpd: mod_session_cookie does not respect expiry time

In Apache HTTP Server 2.4 release 2.4.37 and prior, modsession checks the session expiry time before decoding the session. This causes session expiry time to be ignored for modsessioncookie sessions since the expiry time is loaded when the session is decoded...