Read Time:24 Second
Posted by Maximilian Ammann via Fulldisclosure on Jan 19
# wolfSSL 5.3.0: Denial-of-service
==================================
## INFO
=======
The CVE project has assigned the id CVE-2022-38153 to this issue.
Severity: 5.9 MEDIUM
Affected version: 5.3.0
End of embargo: Ended August 30, 2022
Blog Post: https://blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/
## SUMMARY
==========
In wolfSSL 5.3.0 man-in-the-middle attackers or a malicious server can crash TLS
1.2…