Unrated severity · NVD Advisory · Published Feb 20, 2024 · Updated Mar 26, 2025
Heap-buffer over-read with WOLFSSL_CALLBACKS
CVE-2023-6936
Description
In wolfSSL prior to 5.6.6, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), a malicious TLS client or network attacker can trigger a 5-byte buffer over-read on the heap. WOLFSSL_CALLBACKS is intended only for debugging.
References
- github.com/wolfSSL/wolfssl/pull/6949/ (mitre, patch)
- www.wolfssl.com/docs/security-vulnerabilities/ (mitre, vendor-advisory)