Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections (without AEAD) using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in internal.c.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
wolfSSL 安全特征问题漏洞
Vulnerability Description
Wolfssl(CyaSSL)是美国Wolfssl公司的一个针对嵌入式系统开发人员使用的小的、可移植的嵌入式SSL编程库。 wolfSSL 存在安全漏洞,该漏洞源于在某些情况下,5.1.1之前的x使用非随机IV值。这将影响使用TLS 1.1或1.2或TLS 1.1或1.2的AES-CBC或DES3连接(没有AEAD)。发生这种情况是因为在internal.c中的BuildMessage中错误的内存初始化。
CVSS Information
N/A
Vulnerability Type
N/A