In wolfSSL before 5.5.2, if callback... CVE-2022-42905

- AV AC AU C I A
发布: 2022-11-07
修订: 2024-11-21

In wolfSSL before 5.5.2, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS 1.3 client or network attacker can trigger a buffer over-read on the heap of 5 bytes. (WOLFSSL_CALLBACKS is only intended for debugging.)

0%

漏洞利用/PoC

当前有1条漏洞利用/PoC

受影响的平台与产品

当前有1条受影响产品信息