CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2021-45936
https://notcve.org/view.php?id=CVE-2021-45936
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttDecode_Disconnect (called from MqttClient_DecodePacket and MqttClient_WaitType). wolfSSL wolfMQTT versión 1.9, presenta un desbordamiento de búfer en la región heap de la memoria en la función MqttDecode_Disconnect (llamado desde MqttClient_DecodePacket y MqttClient_WaitType). • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39053 https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wolfmqtt/OSV-2021-1348.yaml https://github.com/wolfSSL/wolfMQTT/commit/84d4b53122e0fa0280c7872350b89d5777dabbb2 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2021-45937
https://notcve.org/view.php?id=CVE-2021-45937
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Connect). wolfSSL wolfMQTT versión 1.9, presenta un desbordamiento de búfer en la región heap de la memoria en la función MqttClient_DecodePacket (llamado desde MqttClient_WaitType y MqttClient_Connect). • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39083 https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wolfmqtt/OSV-2021-1349.yaml https://github.com/wolfSSL/wolfMQTT/commit/84d4b53122e0fa0280c7872350b89d5777dabbb2 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2021-45938
https://notcve.org/view.php?id=CVE-2021-45938
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Unsubscribe). wolfSSL wolfMQTT versión 1.9, presenta un desbordamiento de búfer en la región heap de la memoria en la función MqttClient_DecodePacket (llamado desde MqttClient_WaitType y MqttClient_Unsubscribe). • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39056 https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wolfmqtt/OSV-2021-1353.yaml https://github.com/wolfSSL/wolfMQTT/commit/84d4b53122e0fa0280c7872350b89d5777dabbb2 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2021-45939
https://notcve.org/view.php?id=CVE-2021-45939
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Subscribe). wolfSSL wolfMQTT versión 1.9, presenta un desbordamiento de búfer en la región heap de la memoria en MqttClient_DecodePacket (llamado desde MqttClient_WaitType y MqttClient_Subscribe). • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39103 https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wolfmqtt/OSV-2021-1361.yaml https://github.com/wolfSSL/wolfMQTT/commit/84d4b53122e0fa0280c7872350b89d5777dabbb2 • CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38597
https://notcve.org/view.php?id=CVE-2021-38597
wolfSSL before 4.8.1 incorrectly skips OCSP verification in certain situations of irrelevant response data that contains the NoCheck extension. wolfSSL versiones anteriores a 4.8.1, omite incorrectamente la comprobación OCSP en determinadas situaciones de datos de respuesta irrelevantes que contienen la extensión NoCheck • https://github.com/wolfSSL/wolfssl/commit/f93083be72a3b3d956b52a7ec13f307a27b6e093 https://www.wolfssl.com/docs/wolfssl-changelog • CWE-345: Insufficient Verification of Data Authenticity •