Unrated severityNVD Advisory· Published Jan 28, 2020· Updated Aug 6, 2024
CVE-2014-2897
CVE-2014-2897
Description
The SSL 3 HMAC functionality in wolfSSL CyaSSL 2.5.0 before 2.9.4 does not check the padding length when verification fails, which allows remote attackers to have unspecified impact via a crafted HMAC, which triggers an out-of-bounds read.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- wolfSSL/CyaSSLdescription
Patches
Vulnerability mechanics
References
4- seclists.org/oss-sec/2014/q2/126mitrex_refsource_MISC
- seclists.org/oss-sec/2014/q2/130mitrex_refsource_MISC
- www.wolfssl.com/yaSSL/Blog/Entries/2014/4/11_wolfSSL_Security_Advisory__April_9%2C_2014.htmlmitrex_refsource_CONFIRM
- www.wolfssl.com/yaSSL/Docs-cyassl-changelog.htmlmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.