5.8

CVE-2014-2900

wolfSSL CyaSSL before 2.9.4 does not properly validate X.509 certificates with unknown critical extensions, which allows man-in-the-middle attackers to spoof servers via crafted X.509 certificate.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
YasslCyassl Version <= 2.9.0
YasslCyassl Version0.2.0
YasslCyassl Version0.3.0
YasslCyassl Version0.4.0
YasslCyassl Version0.5.0
YasslCyassl Version0.5.5
YasslCyassl Version0.6.0
YasslCyassl Version0.6.2
YasslCyassl Version0.6.3
YasslCyassl Version0.8.0
YasslCyassl Version0.9.0
YasslCyassl Version0.9.6
YasslCyassl Version0.9.8
YasslCyassl Version0.9.9
YasslCyassl Version1.0.0 Updaterc1
YasslCyassl Version1.0.0 Updaterc2
YasslCyassl Version1.0.0 Updaterc3
YasslCyassl Version1.0.2
YasslCyassl Version1.0.3
YasslCyassl Version1.0.6
YasslCyassl Version1.1.0
YasslCyassl Version1.2.0
YasslCyassl Version1.3.0
YasslCyassl Version1.4.0
YasslCyassl Version1.5.0
YasslCyassl Version1.5.4
YasslCyassl Version1.5.6
YasslCyassl Version1.6.0
YasslCyassl Version1.6.5
YasslCyassl Version1.8.0
YasslCyassl Version1.9.0
YasslCyassl Version2.0.0 Updaterc1
YasslCyassl Version2.0.0 Updaterc2
YasslCyassl Version2.0.0 Updaterc3
YasslCyassl Version2.0.2
YasslCyassl Version2.0.6
YasslCyassl Version2.0.8
YasslCyassl Version2.2.0
YasslCyassl Version2.3.0
YasslCyassl Version2.4.0
YasslCyassl Version2.4.6
YasslCyassl Version2.5.0
YasslCyassl Version2.6.0
YasslCyassl Version2.7.0
YasslCyassl Version2.8.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.29% 0.517
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.8 8.6 4.9
AV:N/AC:M/Au:N/C:P/I:P/A:N