Vulnerabilities > Wolfssl

DATE CVE VULNERABILITY TITLE RISK
2022-02-24 CVE-2022-25638 Improper Certificate Validation vulnerability in Wolfssl
In wolfSSL before 5.2.0, certificate validation may be bypassed during attempted authentication by a TLS 1.3 client to a TLS 1.3 server.
network
wolfssl CWE-295
4.3
2022-02-24 CVE-2022-25640 Improper Authentication vulnerability in Wolfssl
In wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual authentication.
network
low complexity
wolfssl CWE-287
5.0
2022-01-18 CVE-2022-23408 Use of Insufficiently Random Values vulnerability in Wolfssl
wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations.
network
low complexity
wolfssl CWE-330
6.4
2022-01-01 CVE-2021-45932 Out-of-bounds Write vulnerability in Wolfssl Wolfmqtt 1.9
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (4 bytes) in MqttDecode_Publish (called from MqttClient_DecodePacket and MqttClient_HandlePacket).
network
wolfssl CWE-787
4.3
2022-01-01 CVE-2021-45933 Out-of-bounds Write vulnerability in Wolfssl Wolfmqtt 1.9
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (8 bytes) in MqttDecode_Publish (called from MqttClient_DecodePacket and MqttClient_HandlePacket).
network
wolfssl CWE-787
4.3
2022-01-01 CVE-2021-45934 Out-of-bounds Write vulnerability in Wolfssl Wolfmqtt 1.9
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_HandlePacket and MqttClient_WaitType).
network
wolfssl CWE-787
4.3
2022-01-01 CVE-2021-45936 Out-of-bounds Write vulnerability in Wolfssl Wolfmqtt 1.9
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttDecode_Disconnect (called from MqttClient_DecodePacket and MqttClient_WaitType).
network
wolfssl CWE-787
4.3
2022-01-01 CVE-2021-45937 Out-of-bounds Write vulnerability in Wolfssl Wolfmqtt 1.9
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Connect).
network
wolfssl CWE-787
4.3
2022-01-01 CVE-2021-45938 Out-of-bounds Write vulnerability in Wolfssl Wolfmqtt 1.9
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Unsubscribe).
network
wolfssl CWE-787
4.3
2022-01-01 CVE-2021-45939 Out-of-bounds Write vulnerability in Wolfssl Wolfmqtt 1.9
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Subscribe).
network
wolfssl CWE-787
4.3