Read Time:22 Second
Posted by Maximilian Ammann via Fulldisclosure on Jan 19
# wolfSSL before 5.5.0: Denial-of-service with session resumption
=================================================================
## INFO
=======
The CVE project has assigned the id CVE-2022-38152 to this issue.
Severity: 7.5 HIGH
Affected version: before 5.5.0
End of embargo: Ended August 30, 2022
Blog Post: https://blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/
## SUMMARY
==========
When a TLS 1.3 client…