
CVE-2022-39173 – wolfSSL Buffer Overflow
https://notcve.org/view.php?id=CVE-2022-39173
29 Sep 2022 — In wolfSSL before 5.5.1, malicious clients can cause a buffer overflow during a TLS 1.3 handshake. This occurs when an attacker supposedly resumes a previous TLS session. During the resumption Client Hello a Hello Retry Request must be triggered. Both Client Hellos are required to contain a list of duplicate cipher suites to trigger the buffer overflow. In total, two Client Hellos have to be sent: one in the resumed session, and a second one as a response to a Hello Retry Request message. • https://packetstorm.news/files/id/169600 • CWE-787: Out-of-bounds Write

CVE-2021-44718
https://notcve.org/view.php?id=CVE-2021-44718
02 Sep 2022 — wolfSSL through 5.0.0 allows an attacker to cause a denial of service and infinite loop in the client component by sending crafted traffic from a Machine-in-the-Middle (MITM) position. The root cause is that the client module accepts TLS messages that normally are only sent to TLS servers. • https://github.com/wolfSSL/wolfssl/releases • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

CVE-2022-38152 – wolfSSL Session Resumption Denial of Service
https://notcve.org/view.php?id=CVE-2022-38152
31 Aug 2022 — An issue was discovered in wolfSSL before 5.5.0. When a TLS 1.3 client connects to a wolfSSL server and SSL_clear is called on its session, the server crashes with a segmentation fault. This occurs in the second session, which is created through TLS session resumption and reuses the initial struct WOLFSSL. If the server reuses the previous session structure (struct WOLFSSL) by calling wolfSSL_clear(WOLFSSL* ssl) on it, the next received Client Hello (that resumes the previous session) crashes the server. No... • http://packetstormsecurity.com/files/170604/wolfSSL-Session-Resumption-Denial-Of-Service.html • CWE-754: Improper Check for Unusual or Exceptional Conditions

CVE-2022-34293
https://notcve.org/view.php?id=CVE-2022-34293
08 Aug 2022 — wolfSSL before 5.4.0 allows remote attackers to cause a denial of service via DTLS because a check for return-routability can be skipped. • http://www.openwall.com/lists/oss-security/2022/08/08/6

CVE-2022-25640
https://notcve.org/view.php?id=CVE-2022-25640
24 Feb 2022 — In wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual authentication. A client can simply omit the certificate_verify message from the handshake, and never present a certificate. • https://github.com/dim0x69/cve-2022-25640-exploit • CWE-295: Improper Certificate Validation

CVE-2022-25638
https://notcve.org/view.php?id=CVE-2022-25638
24 Feb 2022 — In wolfSSL before 5.2.0, certificate validation may be bypassed during attempted authentication by a TLS 1.3 client to a TLS 1.3 server. This occurs when the sig_algo field differs between the certificate_verify message and the certificate message. • https://github.com/wolfSSL/wolfssl/pull/4813 • CWE-295: Improper Certificate Validation

CVE-2021-38597
https://notcve.org/view.php?id=CVE-2021-38597
12 Aug 2021 — wolfSSL before 4.8.1 incorrectly skips OCSP verification in certain situations of irrelevant response data that contains the NoCheck extension. • https://github.com/wolfSSL/wolfssl/commit/f93083be72a3b3d956b52a7ec13f307a27b6e093 • CWE-345: Insufficient Verification of Data Authenticity

CVE-2021-24116
https://notcve.org/view.php?id=CVE-2021-24116
14 Jul 2021 — In wolfSSL through 4.6.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX. • https://github.com/UzL-ITS/util-lookup/blob/main/cve-vulnerability-publication.md • CWE-203: Observable Discrepancy

CVE-2021-3336
https://notcve.org/view.php?id=CVE-2021-3336
29 Jan 2021 — DoTls13CertificateVerify in tls13.c in wolfSSL before 4.7.0 does not cease processing for certain anomalous peer behavior (sending an ED25519, ED448, ECC, or RSA signature without the corresponding certificate). The client side is affected because man-in-the-middle attackers can impersonate TLS 1.3 servers. • https://github.com/wolfSSL/wolfssl/pull/3676 • CWE-295: Improper Certificate Validation

CVE-2020-36177
https://notcve.org/view.php?id=CVE-2020-36177
06 Jan 2021 — RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26567 • CWE-787: Out-of-bounds Write