Security Advisory

CVE-2023-6936

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-02-20 21:52:02

Last updated 2025-03-26 16:28:30

Assigner wolfSSL

State PUBLISHED

Description

In wolfSSL prior to 5.6.6, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS client or network attacker can trigger a buffer over-read on the heap of 5 bytes (WOLFSSL_CALLBACKS is only intended for debugging).

← Browse all CVEs View on cve.org ↗