Vulnerabilities > Wolfssl > Wolfssl > 4.1.0

DATE CVE VULNERABILITY TITLE RISK
2019-11-09 CVE-2019-18840 Out-of-bounds Write vulnerability in Wolfssl 4.1.0/4.2.0/4.2.0C
In wolfSSL 4.1.0 through 4.2.0c, there are missing sanity checks of memory accesses in parsing ASN.1 certificate data while handshaking.
network
low complexity
wolfssl CWE-787
5.0
5.0
2019-09-24 CVE-2019-16748 Out-of-bounds Read vulnerability in Wolfssl
In wolfSSL through 4.1.0, there is a missing sanity check of memory accesses in parsing ASN.1 certificate data while handshaking.
network
low complexity
wolfssl CWE-125
7.5
7.5
2019-08-26 CVE-2019-15651 Out-of-bounds Read vulnerability in Wolfssl 4.1.0
wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in DecodeCertExtensions in wolfcrypt/src/asn.c because reading the ASN_BOOLEAN byte is mishandled for a crafted DER certificate in GetLength_ex.
network
low complexity
wolfssl CWE-125
7.5
7.5