CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-24613
https://notcve.org/view.php?id=CVE-2020-24613
24 Aug 2020 — wolfSSL before 4.5.0 mishandles TLS 1.3 server data in the WAIT_CERT_CR state, within SanityCheckTls13MsgReceived() in tls13.c. This is an incorrect implementation of the TLS 1.3 client state machine. This allows attackers in a privileged network position to completely impersonate any TLS 1.3 servers, and read or modify potentially sensitive information between clients using the wolfSSL library and these TLS servers. wolfSSL versiones anteriores a 4.5.0, maneja inapropiadamente los datos del servidor TLS ve... • https://research.nccgroup.com/2020/08/24/technical-advisory-wolfssl-tls-1-3-client-man-in-the-middle-attack • CWE-295: Improper Certificate Validation •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 1CVE-2020-15309
https://notcve.org/view.php?id=CVE-2020-15309
21 Aug 2020 — An issue was discovered in wolfSSL before 4.5.0, when single precision is not employed. Local attackers can conduct a cache-timing attack against public key operations. These attackers may already have obtained sensitive information if the affected system has been used for private key operations (e.g., signing with a private key). Se detectó un problema en wolfSSL versiones anteriores a 4.5.0, cuando no se emplea precisión simple. Unos atacantes locales pueden conducir un ataque de sincronización de caché c... • https://arxiv.org/abs/2008.12188 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-12457
https://notcve.org/view.php?id=CVE-2020-12457
21 Aug 2020 — An issue was discovered in wolfSSL before 4.5.0. It mishandles the change_cipher_spec (CCS) message processing logic for TLS 1.3. If an attacker sends ChangeCipherSpec messages in a crafted way involving more than one in a row, the server becomes stuck in the ProcessReply() loop, i.e., a denial of service. Se detectó un problema en wolfSSL versiones anteriores a 4.5.0. Maneja inapropiadamente la lógica de procesamiento de mensajes de change_cipher_spec (CCS) para TLS versión 1.3. • https://github.com/wolfSSL/wolfssl/pull/2927 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-24585
https://notcve.org/view.php?id=CVE-2020-24585
21 Aug 2020 — An issue was discovered in the DTLS handshake implementation in wolfSSL before 4.5.0. Clear DTLS application_data messages in epoch 0 do not produce an out-of-order error. Instead, these messages are returned to the application. Se detectó un problema en la implementación del protocolo de enlace DTLS en wolfSSL versiones anteriores a 4.5.0. Borrar los mensajes application_data de DTLS en epoch 0 no producen un error fuera de orden. • https://github.com/wolfSSL/wolfssl/pull/3219 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-11735
https://notcve.org/view.php?id=CVE-2020-11735
25 Jun 2020 — The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular inverse when mapping to affine coordinates, aka a "projective coordinates leak." Las operaciones de clave privada en el archivo ecc.c en wolfSSL versiones anteriores a 4.4.0, no usan un inverso modular de tiempo constante cuando mapean a unas coordenadas afines, también se conoce como "projective coordinates leak" • https://github.com/wolfSSL/wolfssl/commit/1de07da61f0c8e9926dcbd68119f73230dae283f • CWE-203: Observable Discrepancy •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19960
https://notcve.org/view.php?id=CVE-2019-19960
24 Dec 2019 — In wolfSSL before 4.3.0, wc_ecc_mulmod_ex does not properly resist side-channel attacks. En wolfSSL versiones anteriores a 4.3.0, la función wc_ecc_mulmod_ex no resiste apropiadamente a los ataques de canal lateral. • https://github.com/wolfSSL/wolfssl/commit/5ee9f9c7a23f8ed093fe1e42bc540727e96cebb8 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19962
https://notcve.org/view.php?id=CVE-2019-19962
24 Dec 2019 — wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in RSA cryptography. wolfSSL versiones anteriores a 4.3.0 maneja inapropiadamente las llamadas a la función wc_SignatureGenerateHash, conllevando a la inyección de fallos en la criptografía RSA. • https://github.com/wolfSSL/wolfssl/commit/23878512c65834d12811b1107d19a001478eca5d • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19963
https://notcve.org/view.php?id=CVE-2019-19963
24 Dec 2019 — An issue was discovered in wolfSSL before 4.3.0 in a non-default configuration where DSA is enabled. DSA signing uses the BEEA algorithm during modular inversion of the nonce, leading to a side-channel attack against the nonce. Se detectó un problema en wolfSSL versiones anteriores a 4.3.0, en una configuración no predeterminada donde DSA está habilitado. La firma DSA utiliza el algoritmo BEEA durante la inversión modular del nonce, conllevando a un ataque de canal lateral contra el nonce. • https://github.com/wolfSSL/wolfssl/commit/7e391f0fd57f2ef375b1174d752a56ce34b2b190 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-14317
https://notcve.org/view.php?id=CVE-2019-14317
11 Dec 2019 — wolfSSL and wolfCrypt 4.1.0 and earlier (formerly known as CyaSSL) generate biased DSA nonces. This allows a remote attacker to compute the long term private key from several hundred DSA signatures via a lattice attack. The issue occurs because dsa.c fixes two bits of the generated nonces. wolfSSL and wolfCrypt versión 4.1.0 y anteriores (anteriormente conocido como CyaSSL), generan nonces DSA sesgados. Esto permite a un atacante remoto calcular la clave privada a largo plazo de varios cientos de firmas DSA... • https://www.wolfssl.com/docs/security-vulnerabilities • CWE-331: Insufficient Entropy •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-2904
https://notcve.org/view.php?id=CVE-2014-2904
21 Nov 2019 — wolfssl before 3.2.0 has a server certificate that is not properly authorized for server authentication. wolfssl versiones anteriores a 3.2.0, presenta un certificado de servidor que no está autorizado apropiadamente por la autenticación del servidor. • http://www.openwall.com/lists/oss-security/2014/04/18/2 • CWE-287: Improper Authentication •