Security Advisory

CVE-2014-2897

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-01-28 15:41:59

Last updated 2024-08-06 10:28:46

Assigner mitre

State PUBLISHED

Description

The SSL 3 HMAC functionality in wolfSSL CyaSSL 2.5.0 before 2.9.4 does not check the padding length when verification fails, which allows remote attackers to have unspecified impact via a crafted HMAC, which triggers an out-of-bounds read.

← Browse all CVEs View on cve.org ↗