5.8

CVE-2014-2900

wolfSSL CyaSSL before 2.9.4 does not properly validate X.509 certificates with unknown critical extensions, which allows man-in-the-middle attackers to spoof servers via crafted X.509 certificate.

Data is provided by the National Vulnerability Database (NVD)
YasslCyassl Version <= 2.9.0
YasslCyassl Version0.2.0
YasslCyassl Version0.3.0
YasslCyassl Version0.4.0
YasslCyassl Version0.5.0
YasslCyassl Version0.5.5
YasslCyassl Version0.6.0
YasslCyassl Version0.6.2
YasslCyassl Version0.6.3
YasslCyassl Version0.8.0
YasslCyassl Version0.9.0
YasslCyassl Version0.9.6
YasslCyassl Version0.9.8
YasslCyassl Version0.9.9
YasslCyassl Version1.0.0 Updaterc1
YasslCyassl Version1.0.0 Updaterc2
YasslCyassl Version1.0.0 Updaterc3
YasslCyassl Version1.0.2
YasslCyassl Version1.0.3
YasslCyassl Version1.0.6
YasslCyassl Version1.1.0
YasslCyassl Version1.2.0
YasslCyassl Version1.3.0
YasslCyassl Version1.4.0
YasslCyassl Version1.5.0
YasslCyassl Version1.5.4
YasslCyassl Version1.5.6
YasslCyassl Version1.6.0
YasslCyassl Version1.6.5
YasslCyassl Version1.8.0
YasslCyassl Version1.9.0
YasslCyassl Version2.0.0 Updaterc1
YasslCyassl Version2.0.0 Updaterc2
YasslCyassl Version2.0.0 Updaterc3
YasslCyassl Version2.0.2
YasslCyassl Version2.0.6
YasslCyassl Version2.0.8
YasslCyassl Version2.2.0
YasslCyassl Version2.3.0
YasslCyassl Version2.4.0
YasslCyassl Version2.4.6
YasslCyassl Version2.5.0
YasslCyassl Version2.6.0
YasslCyassl Version2.7.0
YasslCyassl Version2.8.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.29% 0.517
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5.8 8.6 4.9
AV:N/AC:M/Au:N/C:P/I:P/A:N