CVE-2017-8855

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2017-8855

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-8855.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2017-8855

Downstream

DEBIAN-CVE-2017-8855

UBUNTU-CVE-2017-8855

Published

2017-05-09T20:29:00.240Z

Modified

2025-11-14T05:16:23.165674Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

wolfSSL before 3.11.0 does not prevent wc_DhAgree from accepting a malformed DH key.

References

https://github.com/wolfSSL/wolfssl/releases/tag/v3.11.0-stable

Affected packages

Git / github.com/wolfssl/wolfssl

Affected ranges

Type: GIT
Repo: https://github.com/wolfssl/wolfssl
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

edf5d6d7777196c5579f00da525550711466440d

Affected versions

v0.*

v0.5

v1.*

v1.8.8.0

v1.9.0

v2.*

v2.0.2

v2.0.3

v2.0.6

v2.0.8

v2.0rc1

v2.0rc2

v2.0rc2b

v2.0rc3

v2.1.1

v2.1.2

v2.1.4

v2.2.0

v2.2.1

v2.2.2

v2.3.0

v2.4.0

v2.4.2

v2.4.6

v2.4.7

v2.5.0

v2.5.2

v2.5.2b

v2.6.0

v2.6.2

v2.7.0

v2.7.2

v2.8.0

v2.8.2

v2.8.3

v2.8.4

v2.8.5

v2.8.5a

v2.8.6

v2.9.0

v2.9.1

v2.9.2

v2.9.4

v3.*

v3.0.0

v3.0.2

v3.1.0

v3.10.0-stable

v3.10.0a

v3.10.2-stable

v3.10.3

v3.10.4

v3.2.0

v3.2.4

v3.2.6

v3.3.0

v3.3.3

v3.4.0

v3.4.2

v3.4.6

v3.4.8

v3.6.0

v3.6.0b

v3.6.2

v3.6.6

v3.6.8

v3.6.9

v3.6.9b

v3.6.9c

v3.6.9d

v3.69.d

v3.7.0

v3.7.1

v3.7.3

v3.8.0

v3.9.0

v3.9.1

v3.9.10-stable

v3.9.10b

v3.9.6

v3.9.6w

v3.9.8

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-8855.json"