CVE-2017-8855

Published May 9th, 2017

View on NVD ↗

CVSS v3

N/A

CVSS v2

MEDIUM

Affected

PROJECT

Description

wolfSSL before 3.11.0 does not prevent wc_DhAgree from accepting a malformed DH key.

wolfSSL/wolfssl

The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3 and DTLS 1.3! Update to wolfSSL 5.9.1 for the latest CVE fixes.

GitHub

2.85K