Sean Parkinson

7 exploits Active since Jun 2018
CVE-2018-12436 MEDIUM WRITEUP
wolfSSL <3.15.1.patch - Info Disclosure
wolfcrypt/src/ecc.c in wolfSSL before 3.15.1.patch allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
CVSS 4.7
CVE-2019-19960 MEDIUM WRITEUP
wolfSSL <4.3.0 - Info Disclosure
In wolfSSL before 4.3.0, wc_ecc_mulmod_ex does not properly resist side-channel attacks.
CVSS 5.3
CVE-2019-19962 HIGH WRITEUP
wolfSSL <4.3.0 - Signature Verification Bypass
wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in RSA cryptography.
CVSS 7.5
CVE-2019-19963 MEDIUM WRITEUP
wolfSSL <4.3.0 - Info Disclosure
An issue was discovered in wolfSSL before 4.3.0 in a non-default configuration where DSA is enabled. DSA signing uses the BEEA algorithm during modular inversion of the nonce, leading to a side-channel attack against the nonce.
CVSS 5.3
CVE-2020-11735 MEDIUM WRITEUP
wolfSSL <4.4.0 - Information Disclosure
The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular inverse when mapping to affine coordinates, aka a "projective coordinates leak."
CVSS 5.3
CVE-2020-36177 CRITICAL WRITEUP
wolfSSL <4.6.0 - Out-of-Bounds Write
RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size.
CVSS 9.8
CVE-2021-38597 MEDIUM WRITEUP
wolfSSL <4.8.1 - Info Disclosure
wolfSSL before 4.8.1 incorrectly skips OCSP verification in certain situations of irrelevant response data that contains the NoCheck extension.
CVSS 5.9