| Bug | Description |
|---|
| TEMP-0000000-2D36D7 | cyassl: RSA Padding check vulnerability |
| CVE-2022-38153 | An issue was discovered in wolfSSL before 5.5.0 (when --enable-session ... |
| CVE-2022-25640 | In wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a re ... |
| CVE-2022-25638 | In wolfSSL before 5.2.0, certificate validation may be bypassed during ... |
| CVE-2022-23408 | wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situatio ... |
| CVE-2021-44718 | wolfSSL through 5.0.0 allows an attacker to cause a denial of service ... |
| CVE-2021-38597 | wolfSSL before 4.8.1 incorrectly skips OCSP verification in certain si ... |
| CVE-2021-37155 | wolfSSL 4.6.x through 4.7.x before 4.8.0 does not produce a failure ou ... |
| CVE-2021-24116 | In wolfSSL through 4.6.0, a side-channel vulnerability in base64 PEM f ... |
| CVE-2021-3336 | DoTls13CertificateVerify in tls13.c in wolfSSL before 4.7.0 does not c ... |
| CVE-2020-36177 | RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-o ... |
| CVE-2020-24613 | wolfSSL before 4.5.0 mishandles TLS 1.3 server data in the WAIT_CERT_C ... |
| CVE-2020-24585 | An issue was discovered in the DTLS handshake implementation in wolfSS ... |
| CVE-2020-15309 | An issue was discovered in wolfSSL before 4.5.0, when single precision ... |
| CVE-2020-12457 | An issue was discovered in wolfSSL before 4.5.0. It mishandles the cha ... |
| CVE-2020-11735 | The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use ... |
| CVE-2020-11713 | wolfSSL 4.3.0 has mulmod code in wc_ecc_mulmod_ex in ecc.c that does n ... |
| CVE-2019-19963 | An issue was discovered in wolfSSL before 4.3.0 in a non-default confi ... |
| CVE-2019-19962 | wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, lea ... |
| CVE-2019-19960 | In wolfSSL before 4.3.0, wc_ecc_mulmod_ex does not properly resist sid ... |
| CVE-2019-18840 | In wolfSSL 4.1.0 through 4.2.0c, there are missing sanity checks of me ... |
| CVE-2019-16748 | In wolfSSL through 4.1.0, there is a missing sanity check of memory ac ... |
| CVE-2019-15651 | wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in DecodeCert ... |
| CVE-2019-14317 | wolfSSL and wolfCrypt 4.1.0 and earlier (formerly known as CyaSSL) gen ... |
| CVE-2019-13628 | wolfSSL and wolfCrypt 4.0.0 and earlier (when configured without --ena ... |
| CVE-2019-11873 | wolfSSL 4.0.0 has a Buffer Overflow in DoPreSharedKeys in tls13.c when ... |
| CVE-2019-6439 | examples/benchmark/tls_bench.c in a benchmark tool in wolfSSL through ... |
| CVE-2018-16870 | It was found that wolfssl before 3.15.7 is vulnerable to a new variant ... |
| CVE-2018-12436 | wolfcrypt/src/ecc.c in wolfSSL before 3.15.1.patch allows a memory-cac ... |
| CVE-2017-13099 | wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle ... |
| CVE-2017-8855 | wolfSSL before 3.11.0 does not prevent wc_DhAgree from accepting a mal ... |
| CVE-2017-8854 | wolfSSL before 3.10.2 has an out-of-bounds memory access with loading ... |
| CVE-2017-6076 | In versions of wolfSSL before 3.10.2 the function fp_mul_comba makes i ... |
| CVE-2017-2800 | A specially crafted x509 certificate can cause a single out of bounds ... |
| CVE-2016-7440 | The C software implementation of AES Encryption and Decryption in wolf ... |
| CVE-2016-7439 | The C software implementation of RSA in wolfSSL (formerly CyaSSL) befo ... |
| CVE-2016-7438 | The C software implementation of ECC in wolfSSL (formerly CyaSSL) befo ... |
| CVE-2015-7744 | wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle faults ... |
| CVE-2015-6925 | wolfSSL (formerly CyaSSL) before 3.6.8 allows remote attackers to caus ... |
| CVE-2014-6500 | Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, a ... |
| CVE-2014-6496 | Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, a ... |
| CVE-2014-6495 | Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, a ... |
| CVE-2014-6494 | Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, a ... |
| CVE-2014-6491 | Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier an ... |
| CVE-2014-6478 | Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, a ... |
| CVE-2014-3566 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ... |
| CVE-2014-2904 | wolfssl before 3.2.0 has a server certificate that is not properly aut ... |
| CVE-2014-2903 | CyaSSL does not check the key usage extension in leaf certificates, wh ... |
| CVE-2014-2902 | wolfssl before 3.2.0 does not properly authorize CA certificate for si ... |
| CVE-2014-2901 | wolfssl before 3.2.0 does not properly issue certificates for a server ... |