Total
51 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-13099 | 3 Arubanetworks, Siemens, Wolfssl | 4 Instant, Scalance W1750d, Scalance W1750d Firmware and 1 more | 2019-10-09 | 4.3 MEDIUM | 5.9 MEDIUM |
| wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT." | |||||
| CVE-2017-8855 | 1 Wolfssl | 1 Wolfssl | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| wolfSSL before 3.11.0 does not prevent wc_DhAgree from accepting a malformed DH key. | |||||
| CVE-2019-16748 | 1 Wolfssl | 1 Wolfssl | 2019-09-24 | 7.5 HIGH | 9.8 CRITICAL |
| In wolfSSL through 4.1.0, there is a missing sanity check of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer over-read in CheckCertSignature_ex in wolfcrypt/src/asn.c. | |||||
| CVE-2019-15651 | 1 Wolfssl | 1 Wolfssl | 2019-09-03 | 7.5 HIGH | 9.8 CRITICAL |
| wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in DecodeCertExtensions in wolfcrypt/src/asn.c because reading the ASN_BOOLEAN byte is mishandled for a crafted DER certificate in GetLength_ex. | |||||
| CVE-2017-6076 | 1 Wolfssl | 1 Wolfssl | 2019-03-13 | 2.1 LOW | 5.5 MEDIUM |
| In versions of wolfSSL before 3.10.2 the function fp_mul_comba makes it easier to extract RSA key information for a malicious user who has access to view cache on a machine. | |||||
| CVE-2018-12436 | 1 Wolfssl | 1 Wolfssl | 2018-08-06 | 1.9 LOW | 4.7 MEDIUM |
| wolfcrypt/src/ecc.c in wolfSSL before 3.15.1.patch allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host. | |||||
| CVE-2014-2903 | 1 Wolfssl | 1 Wolfssl | 2017-10-17 | 4.3 MEDIUM | 5.9 MEDIUM |
| CyaSSL does not check the key usage extension in leaf certificates, which allows remote attackers to spoof servers via a crafted server certificate not authorized for use in an SSL/TLS handshake. | |||||
| CVE-2017-8854 | 1 Wolfssl | 1 Wolfssl | 2017-05-17 | 6.8 MEDIUM | 7.8 HIGH |
| wolfSSL before 3.10.2 has an out-of-bounds memory access with loading crafted DH parameters, aka a buffer overflow triggered by a malformed temporary DH file. | |||||
| CVE-2016-7439 | 1 Wolfssl | 1 Wolfssl | 2016-12-24 | 2.1 LOW | 5.5 MEDIUM |
| The C software implementation of RSA in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences. | |||||
| CVE-2016-7438 | 1 Wolfssl | 1 Wolfssl | 2016-12-24 | 2.1 LOW | 5.5 MEDIUM |
| The C software implementation of ECC in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences. | |||||
| CVE-2015-6925 | 1 Wolfssl | 1 Wolfssl | 2016-01-25 | 5.0 MEDIUM | 7.5 HIGH |
| wolfSSL (formerly CyaSSL) before 3.6.8 allows remote attackers to cause a denial of service (resource consumption or traffic amplification) via a crafted DTLS cookie in a ClientHello message. | |||||