CVE-2023-6936

MEDIUM

Wolfssl < 5.6.6 - Buffer Over-read

Title source: rule

Description

In wolfSSL prior to 5.6.6, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS client or network attacker can trigger a buffer over-read on the heap of 5 bytes (WOLFSSL_CALLBACKS is only intended for debugging).

References (2)

Scores

CVSS v3 5.3
EPSS 0.0027
EPSS Percentile 50.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-125 CWE-126
Status published
Products (1)
wolfssl/wolfssl < 5.6.6
Published Feb 20, 2024
Tracked Since Feb 18, 2026