VYPR
Unrated severityNVD Advisory· Published Jan 28, 2020· Updated Aug 6, 2024

CVE-2014-2897

CVE-2014-2897

Description

The SSL 3 HMAC functionality in wolfSSL CyaSSL 2.5.0 before 2.9.4 does not check the padding length when verification fails, which allows remote attackers to have unspecified impact via a crafted HMAC, which triggers an out-of-bounds read.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • wolfSSL/CyaSSLdescription
  • Yassl/Cyasslllm-fuzzy
    Range: >=2.5.0, <2.9.4

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.