High severity7.5NVD Advisory· Published Jan 22, 2016· Updated May 6, 2026

CVE-2015-6925

Description

wolfSSL (formerly CyaSSL) before 3.6.8 allows remote attackers to cause a denial of service (resource consumption or traffic amplification) via a crafted DTLS cookie in a ClientHello message.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Iaik/Wolfssl Dosreferences
WolfSSL/Wolfssl2 versions
cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*range: <=3.6.6
- (no CPE)range: <3.6.8

Patches

Vulnerability mechanics

References

wolfssl.com/wolfSSL/Blog/Entries/2015/9/17_Two_Vulnerabilities_Recently_Found%2C_An_Attack_on_RSA_using_CRT_and_DoS_Vulnerability_With_DTLS.htmlnvdExploitVendor Advisory
wolfssl.com/wolfSSL/Docs-wolfssl-changelog.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000