Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
wolfSSL through 5.0.0 allows an attacker to cause a denial of service and infinite loop in the client component by sending crafted traffic from a Machine-in-the-Middle (MITM) position. The root cause is that the client module accepts TLS messages that normally are only sent to TLS servers.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
wolfSSL 安全漏洞
Vulnerability Description
wolfSSL(CyaSSL)是美国wolfSSL公司的一个针对嵌入式系统开发人员使用的小的、可移植的嵌入式SSL编程库。 wolfSSL 5.0.0及之前版本存在安全漏洞,该漏洞源于客户端模块接受了通常只发送到 TLS 服务器的 TLS 消息,攻击者利用该漏洞可以从中间机器 (MITM) 位置发送精心设计的流量,在客户端组件中造成拒绝服务和无限循环。
CVSS Information
N/A
Vulnerability Type
N/A