First published: Wed Jan 16 2019(Updated: )
examples/benchmark/tls_bench.c in a benchmark tool in wolfSSL through 3.15.7 has a heap-based buffer overflow.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
WolfSSL wolfssl | <=3.15.7 | |
<=3.15.7 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2019-6439.
The severity of CVE-2019-6439 is critical.
Versions up to and including 3.15.7 of Wolfssl are affected by CVE-2019-6439.
The CWE ID for this vulnerability is CWE-119 and CWE-787.
To fix CVE-2019-6439, update to a version of Wolfssl that is later than 3.15.7.