Buffer Overflow
Overview Affected versions of this package are vulnerable to Buffer Overflow in the TLSXConnectionIDParse function in dtls.c and the DoTls13ClientHello function in tls13.c. A server is vulnerable only when --enable-session-ticket is set and TLS 1.3 is in use. Under those conditions, a malicious...