CVE-2014-2900

Опубликовано: 22 апр. 2014

Источник: debian

Описание

wolfSSL CyaSSL before 2.9.4 does not properly validate X.509 certificates with unknown critical extensions, which allows man-in-the-middle attackers to spoof servers via crafted X.509 certificate.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
cyassl	fixed	2.9.4+dfsg-1		package

Связанные уязвимости

CVE-2014-2900

nvd

почти 12 лет назад

wolfSSL CyaSSL before 2.9.4 does not properly validate X.509 certificates with unknown critical extensions, which allows man-in-the-middle attackers to spoof servers via crafted X.509 certificate.

GHSA-rjjg-j224-h375

github

больше 3 лет назад

wolfSSL CyaSSL before 2.9.4 does not properly validate X.509 certificates with unknown critical extensions, which allows man-in-the-middle attackers to spoof servers via crafted X.509 certificate.