漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Potential DoS Vulnerability through Multiple KeyShareEntry with Same Group in TLS 1.3 ClientHello
Vulnerability Description
Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple platforms allows a remote unauthenticated attacker to cause a denial-of-service by sending a crafted ClientHello message containing duplicate KeyShareEntry values for the same supported group, leading to excessive CPU and memory consumption during ClientHello processing.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
wolfSSL 安全漏洞
Vulnerability Description
wolfSSL(CyaSSL)是美国wolfSSL公司的一个针对嵌入式系统开发人员使用的小的、可移植的嵌入式SSL编程库。 wolfSSL(CyaSSL) v5.8.2版本存在安全漏洞,该漏洞源于TLS 1.3 KeyShareEntry解析输入验证不当,可能导致拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A