Vulnerabilities > Wolfssl > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-07 | CVE-2022-42905 | Out-of-bounds Read vulnerability in Wolfssl In wolfSSL before 5.5.2, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS 1.3 client or network attacker can trigger a buffer over-read on the heap of 5 bytes. | 9.1 |
| 2022-01-18 | CVE-2022-23408 | Use of Insufficiently Random Values vulnerability in Wolfssl 5.0.0/5.1.0 wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. | 9.1 |
| 2021-07-21 | CVE-2021-37155 | Unspecified vulnerability in Wolfssl 4.6.0/4.7.0 wolfSSL 4.6.x through 4.7.x before 4.8.0 does not produce a failure outcome when the serial number in an OCSP request differs from the serial number in the OCSP response. | 9.8 |
| 2021-01-06 | CVE-2020-36177 | Out-of-bounds Write vulnerability in Wolfssl RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size. | 9.8 |
| 2020-01-28 | CVE-2014-2898 | Out-of-bounds Read vulnerability in Wolfssl wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified impact via multiple calls to the CyaSSL_read function which triggers an out-of-bounds read when an error occurs, related to not checking the return code and MAC verification failure. | 9.8 |
| 2020-01-28 | CVE-2014-2897 | Out-of-bounds Read vulnerability in Wolfssl The SSL 3 HMAC functionality in wolfSSL CyaSSL 2.5.0 before 2.9.4 does not check the padding length when verification fails, which allows remote attackers to have unspecified impact via a crafted HMAC, which triggers an out-of-bounds read. | 9.8 |
| 2020-01-28 | CVE-2014-2896 | Out-of-bounds Read vulnerability in Wolfssl The DoAlert function in the (1) TLS and (2) DTLS implementations in wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified impact and vectors, which trigger memory corruption or an out-of-bounds read. | 9.8 |
| 2019-09-24 | CVE-2019-16748 | Out-of-bounds Read vulnerability in Wolfssl In wolfSSL through 4.1.0, there is a missing sanity check of memory accesses in parsing ASN.1 certificate data while handshaking. | 9.8 |
| 2019-08-26 | CVE-2019-15651 | Out-of-bounds Read vulnerability in Wolfssl 4.1.0 wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in DecodeCertExtensions in wolfcrypt/src/asn.c because reading the ASN_BOOLEAN byte is mishandled for a crafted DER certificate in GetLength_ex. | 9.8 |
| 2019-05-23 | CVE-2019-11873 | Out-of-bounds Write vulnerability in Wolfssl 4.0 wolfSSL 4.0.0 has a Buffer Overflow in DoPreSharedKeys in tls13.c when a current identity size is greater than a client identity size. | 9.8 |