EPSS
Percentile
30.7%
tlslite-ng is vulnerable to improper verification of MAC. The vulnerability exists as an off-by-one error occurs during the verification of MAC when the padding is a single 0x00 byte, resulting in having the MAC to always be verified.
0x00
github.com/tomato42/tlslite-ng/commit/3674815d1b0f7484454995e2737a352e0a6a93d8
github.com/tomato42/tlslite-ng/pull/234