Vulnerabilities > Wolfssl > Wolfssl > 3.15.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-03 | CVE-2019-13628 | Information Exposure Through Discrepancy vulnerability in Wolfssl wolfSSL and wolfCrypt 4.0.0 and earlier (when configured without --enable-fpecc, --enable-sp, or --enable-sp-math) contain a timing side channel in ECDSA signature generation. | 1.2 |
2019-09-24 | CVE-2019-16748 | Out-of-bounds Read vulnerability in Wolfssl In wolfSSL through 4.1.0, there is a missing sanity check of memory accesses in parsing ASN.1 certificate data while handshaking. | 7.5 |
2019-01-16 | CVE-2019-6439 | Out-of-bounds Write vulnerability in Wolfssl examples/benchmark/tls_bench.c in a benchmark tool in wolfSSL through 3.15.7 has a heap-based buffer overflow. | 7.5 |
2019-01-03 | CVE-2018-16870 | Cryptographic Issues vulnerability in Wolfssl It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. | 4.3 |