Security Advisory

CVE-2025-11933

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-21 22:19:08

Last updated 2025-12-08 15:47:25

Assigner wolfSSL

State PUBLISHED

Description

Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on multiple platforms allows a remote unauthenticated attacker to potentially cause a denial-of-service via a crafted ClientHello message with duplicate CKS extensions.

← Browse all CVEs View on cve.org ↗