Vulnerabilities > Wolfssl > Wolfssl > 3.4.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-01-06 | CVE-2020-36177 | Out-of-bounds Write vulnerability in Wolfssl RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size. | 10.0 |
2020-08-24 | CVE-2020-24613 | Improper Certificate Validation vulnerability in Wolfssl wolfSSL before 4.5.0 mishandles TLS 1.3 server data in the WAIT_CERT_CR state, within SanityCheckTls13MsgReceived() in tls13.c. | 4.9 |
2020-08-21 | CVE-2020-24585 | Unspecified vulnerability in Wolfssl An issue was discovered in the DTLS handshake implementation in wolfSSL before 4.5.0. | 5.0 |
2020-08-21 | CVE-2020-15309 | Race Condition vulnerability in Wolfssl An issue was discovered in wolfSSL before 4.5.0, when single precision is not employed. | 7.0 |
2020-08-21 | CVE-2020-12457 | Improper Input Validation vulnerability in Wolfssl An issue was discovered in wolfSSL before 4.5.0. | 5.0 |
2020-06-25 | CVE-2020-11735 | Inadequate Encryption Strength vulnerability in Wolfssl The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular inverse when mapping to affine coordinates, aka a "projective coordinates leak." | 5.0 |
2019-12-25 | CVE-2019-19963 | Unspecified vulnerability in Wolfssl An issue was discovered in wolfSSL before 4.3.0 in a non-default configuration where DSA is enabled. network wolfssl | 4.3 |
2019-12-25 | CVE-2019-19962 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Wolfssl wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in RSA cryptography. | 5.0 |
2019-12-25 | CVE-2019-19960 | Unspecified vulnerability in Wolfssl In wolfSSL before 4.3.0, wc_ecc_mulmod_ex does not properly resist side-channel attacks. network wolfssl | 4.3 |
2019-12-11 | CVE-2019-14317 | Missing Encryption of Sensitive Data vulnerability in Wolfssl wolfSSL and wolfCrypt 4.1.0 and earlier (formerly known as CyaSSL) generate biased DSA nonces. | 4.3 |