Vulnerabilities > Wolfssl > Wolfssl > 3.6.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-13 | CVE-2016-7440 | The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences. | 5.5 |
| 2016-12-13 | CVE-2016-7439 | Cryptographic Issues vulnerability in Wolfssl The C software implementation of RSA in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences. | 2.1 |
| 2016-12-13 | CVE-2016-7438 | Cryptographic Issues vulnerability in Wolfssl The C software implementation of ECC in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences. | 2.1 |
| 2016-01-22 | CVE-2015-6925 | Resource Management Errors vulnerability in Wolfssl wolfSSL (formerly CyaSSL) before 3.6.8 allows remote attackers to cause a denial of service (resource consumption or traffic amplification) via a crafted DTLS cookie in a ClientHello message. | 5.0 |