wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in RSA cryptography.
The product does not verify, or incorrectly verifies, the cryptographic signature for data.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Wolfssl | Wolfssl | * | 4.3.0 (excluding) |