CVE-2021-34430

The CVE-2021-34430 entry concerns the Eclipse TinyDTLS library. Affected component: TinyDTLS up to version 0.9-rc1. Root cause: reliance on the C library’s rand function, which enables remote attackers to compute the DTLS master key and decrypt traffic. Impact: confidentiality of DTLS communicati...

CVE-2017-7243

Eclipse tinydtls 0.8.2 for Eclipse IoT is vulnerable to a denial-of-service via a remote attacker sending a Change cipher spec packet without a pre-handshake, causing the DTLS peer to crash. The affected component is the tinydtls library used by Eclipse IoT; the root cause is improper handling of...