Improper input validation in Wofssl Wolfssl
CVE-2025-11933
Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on multiple platforms allows a remote unauthenticated attacker to potentially cause a denial-of-service via a crafted ClientHello message with dupl…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.001 (20.0th percentile) — read the EPSS interpretation.
Affected products
- Wofssl Wolfssl — versions 3.12.0