Lucene search

1492 matches found

CNNVD
added 2025/07/18 12:00 a.m., 2 views

wolfSSL (CyaSSL) Security Vulnerability

wolfSSL CyaSSL is a small, portable embedded SSL programming library for use by embedded systems developers from wolfSSL, Inc. in the United States. A security vulnerability exists in wolfSSL CyaSSL that stems from a certificate validation error that could cause a client to accept a certificate...

CVSS 9.2 | AI score 6.5 | EPSS 0.00222
Exploits 0 | References 2

CNNVD
added 2025/07/18 12:00 a.m., 4 views

wolfSSL Security Vulnerability

wolfSSL CyaSSL is a small, portable embedded SSL programming library for use by embedded systems developers from wolfSSL, Inc. in the United States. A security vulnerability exists in wolfSSL version 5.8.2 that stems from enabling Curve25519 blinding support by default, which may increase the ris...

CVSS 5.6 | AI score 6.5 | EPSS 0.00182
Exploits 0 | References 2

Positive Technologies
added 2025/07/18 12:00 a.m., 5 views

PT-2025-30102

Name of the Vulnerable Software and Affected Versions: wolfSSL, affected versions not specified. Description: The OpenSSL compatibility layer implementation had an issue with the RAND poll function, potentially leading to predictable values returned from RAND bytes after a fork call. This could resul...

CVSS 9.8 | AI score 6.6 | EPSS 0.00387
Exploits 0 | References 17

Positive Technologies
added 2025/07/18 12:00 a.m., 5 views

PT-2025-30103

Name of the Vulnerable Software and Affected Versions: wolfSSL version 5.8.2. Description: In wolfSSL release 5.8.2, blinding support is enabled by default for Curve25519 in applicable builds. This feature provides an additional layer of protection against side-channel attacks aimed at extracting a...

CVSS 5.6 | AI score 6.1 | EPSS 0.00182
Exploits 0 | References 13

Microsoft CVE
added 2025/07/11 7:00 a.m., 6 views

QUIC certificate check skip with wolfSSL

...

CVSS 6.5 | AI score 7.7 | EPSS 0.00236
Exploits 1

Tenable Nessus
added 2025/06/03 12:00 a.m., 11 views

FreeBSD : curl -- Multiple vulnerabilities (533b4470-3f25-11f0-b440-f02f7432cf97)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 533b4470-3f25-11f0-b440-f02f7432cf97 advisory. curl security team reports: CVE-2025-5025: No QUIC certificate pinning with wolfSSL...

CVSS 6.5 | AI score 6.2 | EPSS 0.00241
Exploits 3 | References 5

RedhatCVE
added 2025/05/30 6:54 a.m., 13 views

CVE-2025-5025

libcurl supports pinning of the server certificate public key for HTTPS transfers. Due to an omission, this check is not performed when connecting with QUIC for HTTP/3, when the TLS backend is wolfSSL. Documentation says the option works with wolfSSL, failing to specify that it does not for QUIC...

AI score 6.8 | EPSS 0.00241
Exploits 2 | References 1

Tenable Nessus
added 2025/05/30 12:00 a.m., 17 views

Curl 8.5.0 < 8.14.0 Improper Certificate Validation (CVE-2025-5025)

The version of Curl installed on the remote host is missing a security update. It is, therefore, affected by an improper certificate validation vulnerability. - libcurl supports pinning of the server certificate public key for HTTPS transfers. Due to an omission, this check is not performed when...

CVSS 4.8 | AI score 6.3 | EPSS 0.00241
Exploits 2 | References 2

SUSE CVE
added 2025/05/29 2:12 a.m., 1 view

SUSE CVE-2025-5025

libcurl supports pinning of the server certificate public key for HTTPS transfers. Due to an omission, this check is not performed when connecting with QUIC for HTTP/3, when the TLS backend is wolfSSL. Documentation says the option works with wolfSSL, failing to specify that it does not for QUIC...

CVSS 6.5 | AI score 6.8 | EPSS 0.00241
Exploits 2 | References 6

Slackware Linux
added 2025/05/28 9:55 p.m., 15 views

[slackware-security] curl

New curl packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/curl-8.14.0-i586-1slack15.0.txz: Upgraded. This update fixes security issues: No QUIC certificate pinning with wolfSSL. QUIC certificate...

CVSS 6.5 | AI score 7 | EPSS 0.00241
Exploits 3

curl security advisories
added 2025/05/28 8:00 a.m., 10 views

No QUIC certificate pinning with wolfSSL

libcurl supports pinning of the server certificate public key for HTTPS transfers. Due to an omission, this check is not performed when connecting with QUIC for HTTP/3, when the TLS backend is wolfSSL. Documentation says the option works with wolfSSL, failing to specify that it does not for QUIC...

CVSS 4.8 | AI score 7 | EPSS 0.00241
Exploits 2 | References 1 | Affected Software 2

curl security advisories
added 2025/05/28 8:00 a.m., 6 views

QUIC certificate check skip with wolfSSL

libcurl accidentally skips the certificate verification for QUIC connections when connecting to a host specified as an IP address in the URL. Therefore, it does not detect impostors or man-in-the-middle attacks...

CVSS 6.5 | AI score 7.1 | EPSS 0.00236
Exploits 1 | References 1 | Affected Software 2

OSV
added 2025/05/28 8:00 a.m., 29 views

CURL-CVE-2025-5025 No QUIC certificate pinning with wolfSSL

libcurl supports pinning of the server certificate public key for HTTPS transfers. Due to an omission, this check is not performed when connecting with QUIC for HTTP/3, when the TLS backend is wolfSSL. Documentation says the option works with wolfSSL, failing to specify that it does not for QUIC...

CVSS 4.8 | AI score 7.1 | EPSS 0.00241
Exploits 2

Snyk
added 2025/05/28 7:41 a.m., 2 views

Improper Certificate Validation

Overview: Affected versions of this package are vulnerable to Improper Certificate Validation when wolfSSL is used as the TLS backend for QUIC. An attacker can impersonate a legitimate server or perform a man-in-the-middle attack by exploiting a skipped certificate verification. Note: The skip of...

CVSS 6.9 | AI score 6.8 | EPSS 0.00236
Exploits 1 | References 2

NVD
added 2025/05/28 7:15 a.m., 10 views

CVE-2025-5025

libcurl supports pinning of the server certificate public key for HTTPS transfers. Due to an omission, this check is not performed when connecting with QUIC for HTTP/3, when the TLS backend is wolfSSL. Documentation says the option works with wolfSSL, failing to specify that it does not for QUIC...

CVSS 4.8 | EPSS 0.00241
Exploits 2 | References 4

OSV
added 2025/05/28 7:15 a.m., 1 view

ALPINE-CVE-2025-5025

libcurl supports pinning of the server certificate public key for HTTPS transfers. Due to an omission, this check is not performed when connecting with QUIC for HTTP/3, when the TLS backend is wolfSSL. Documentation says the option works with wolfSSL, failing to specify that it does not for QUIC...

CVSS 4.8 | AI score 6.8 | EPSS 0.00241
Exploits 2 | References 1

OSV
added 2025/05/28 7:15 a.m., 6 views

AZL-62038 CVE-2025-5025 affecting package cmake for versions less than 3.30.3-6

libcurl supports pinning of the server certificate public key for HTTPS transfers. Due to an omission, this check is not performed when connecting with QUIC for HTTP/3, when the TLS backend is wolfSSL. Documentation says the option works with wolfSSL, failing to specify that it does not for QUIC...

CVSS 4.8 | AI score 6.6 | EPSS 0.00241
Exploits 2 | References 1

OSV
added 2025/05/28 7:15 a.m., 4 views

CVE-2025-5025

libcurl supports pinning of the server certificate public key for HTTPS transfers. Due to an omission, this check is not performed when connecting with QUIC for HTTP/3, when the TLS backend is wolfSSL. Documentation says the option works with wolfSSL, failing to specify that it does not for QUIC...

CVSS 4.8 | AI score 7 | EPSS 0.00241
Exploits 2 | References 4

Cvelist
added 2025/05/28 6:29 a.m., 12 views

CVE-2025-5025 No QUIC certificate pinning with wolfSSL

libcurl supports pinning of the server certificate public key for HTTPS transfers. Due to an omission, this check is not performed when connecting with QUIC for HTTP/3, when the TLS backend is wolfSSL. Documentation says the option works with wolfSSL, failing to specify that it does not for QUIC...

EPSS 0.00241
Exploits 2 | References 3

Vulnrichment
added 2025/05/28 6:29 a.m., 10 views

CVE-2025-5025 No QUIC certificate pinning with wolfSSL

libcurl supports pinning of the server certificate public key for HTTPS transfers. Due to an omission, this check is not performed when connecting with QUIC for HTTP/3, when the TLS backend is wolfSSL. Documentation says the option works with wolfSSL, failing to specify that it does not for QUIC...

AI score 6.7 | EPSS 0.00241
Exploits 2 | References 3