CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-2901
https://notcve.org/view.php?id=CVE-2014-2901
21 Nov 2019 — wolfssl before 3.2.0 does not properly issue certificates for a server's hostname. wolfssl versiones anteriores a 3.2.0, no emite apropiadamente certificados para un nombre de host del servidor. • http://www.openwall.com/lists/oss-security/2014/04/18/2 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-18840
https://notcve.org/view.php?id=CVE-2019-18840
09 Nov 2019 — In wolfSSL 4.1.0 through 4.2.0c, there are missing sanity checks of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer overflow inside the DecodedCert structure in GetName in wolfcrypt/src/asn.c because the domain name location index is mishandled. Because a pointer is overwritten, there is an invalid free. En wolfSSL versiones 4.1.0 hasta 4.2.0c, faltan comprobaciones de saneamiento de los accesos a la memoria en el análisis de los datos... • https://github.com/wolfSSL/wolfssl/issues/2555 • CWE-787: Out-of-bounds Write •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2019-13628
https://notcve.org/view.php?id=CVE-2019-13628
03 Oct 2019 — wolfSSL and wolfCrypt 4.0.0 and earlier (when configured without --enable-fpecc, --enable-sp, or --enable-sp-math) contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to precisely measure the duration of signature operations, to infer information about the nonces used and potentially mount a lattice attack to recover the private key used. The issue occurs because ecc.c scalar multiplication might leak the bit length. wolfSSL y wolfCrypt versión 4.0.0 y anteriores ... • http://www.openwall.com/lists/oss-security/2019/10/02/2 • CWE-203: Observable Discrepancy •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-16748
https://notcve.org/view.php?id=CVE-2019-16748
24 Sep 2019 — In wolfSSL through 4.1.0, there is a missing sanity check of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer over-read in CheckCertSignature_ex in wolfcrypt/src/asn.c. En wolfSSL versiones hasta 4.1.0, se presenta una falta de comprobación de saneamiento de los accesos a la memoria en el análisis de los datos del certificado ASN.1 durante el protocolo de negociación (handshaking). Específicamente, se presenta una lectura excesiva de bú... • https://github.com/wolfSSL/wolfssl/issues/2459 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-15651
https://notcve.org/view.php?id=CVE-2019-15651
26 Aug 2019 — wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in DecodeCertExtensions in wolfcrypt/src/asn.c because reading the ASN_BOOLEAN byte is mishandled for a crafted DER certificate in GetLength_ex. wolfSSL versión 4.1.0, presenta una lectura excesiva de búfer en la región heap de la memoria por un byte en la función DecodeCertExtensions en el archivo wolfcrypt/src/asn.c porque la lectura del byte ASN_BOOLEAN no es manejada correctamente por un certificado DER especialmente diseñado en GetLength_ex. • https://github.com/wolfSSL/wolfssl/issues/2421 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 6%CPEs: 1EXPL: 0CVE-2019-11873
https://notcve.org/view.php?id=CVE-2019-11873
23 May 2019 — wolfSSL 4.0.0 has a Buffer Overflow in DoPreSharedKeys in tls13.c when a current identity size is greater than a client identity size. An attacker sends a crafted hello client packet over the network to a TLSv1.3 wolfSSL server. The length fields of the packet: record length, client hello length, total extensions length, PSK extension length, total identity length, and identity length contain their maximum value which is 2^16. The identity data field of the PSK extension of the packet contains the attack da... • http://www.securityfocus.com/bid/108466 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2019-6439
https://notcve.org/view.php?id=CVE-2019-6439
16 Jan 2019 — examples/benchmark/tls_bench.c in a benchmark tool in wolfSSL through 3.15.7 has a heap-based buffer overflow. examples/benchmark/tls_bench.c en una herramienta de benchmarking en wolfSSL hasta la versión 3.15.7 tiene un desbordamiento de búfer basado en memoria dinámica (heap). • http://www.securityfocus.com/bid/106640 • CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2018-16870
https://notcve.org/view.php?id=CVE-2018-16870
03 Jan 2019 — It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. This may lead to leakage of sensible data. Se ha detectado que wolfssl, en versiones anteriores a la 3.15.7, es vulnerable a una nueva variante del ataque Bleichenbacher para realizar ataques de degradación contra TLS. Esto podría provocar el filtrado de datos sensibles. • http://cat.eyalro.net • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-310: Cryptographic Issues •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2018-12436
https://notcve.org/view.php?id=CVE-2018-12436
15 Jun 2018 — wolfcrypt/src/ecc.c in wolfSSL before 3.15.1.patch allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host. wolfcrypt/src/ecc.c en wolfSSL en versiones anteriores a la 3.15.1.patch permite un ataque de canal lateral por caché de memoria en las firmas ECDSA. Esto también se conoce como Return Of the Hidden Number ... • https://github.com/wolfSSL/wolfssl/commit/9b9568d500f31f964af26ba8d01e542e1f27e5ca • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 68%CPEs: 4EXPL: 0CVE-2017-13099 – wolfSSL Bleichenbacher/ROBOT
https://notcve.org/view.php?id=CVE-2017-13099
13 Dec 2017 — wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT." wolfSSL en versiones anteriores a la 3.12.2 proporciona un oráculo de Bleichenbacher débil cuando se negocia una suite de cifrado TLS que utiliza un intercambio de claves RSA. Un atacante puede recuperar la clave privada desde una aplicación wolfSSL vul... • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt • CWE-203: Observable Discrepancy •