Search for packages
| purl | pkg:deb/debian/wolfssl@4.2.0%2Bdfsg-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-dnrg-xpru-6qc8 | wolfSSL and wolfCrypt 4.1.0 and earlier (formerly known as CyaSSL) generate biased DSA nonces. This allows a remote attacker to compute the long term private key from several hundred DSA signatures via a lattice attack. The issue occurs because dsa.c fixes two bits of the generated nonces. |
CVE-2019-14317
|
| VCID-fzq1-jbg2-q3b4 | In wolfSSL through 4.1.0, there is a missing sanity check of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer over-read in CheckCertSignature_ex in wolfcrypt/src/asn.c. |
CVE-2019-16748
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T12:46:56.318344+00:00 | Debian Importer | Fixing | VCID-fzq1-jbg2-q3b4 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T08:39:16.317434+00:00 | Debian Importer | Fixing | VCID-dnrg-xpru-6qc8 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T08:46:02.246550+00:00 | Debian Importer | Fixing | VCID-fzq1-jbg2-q3b4 | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-11T17:49:04.679801+00:00 | Debian Importer | Fixing | VCID-dnrg-xpru-6qc8 | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:57:42.248013+00:00 | Debian Importer | Fixing | VCID-fzq1-jbg2-q3b4 | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:57:42.160598+00:00 | Debian Importer | Fixing | VCID-dnrg-xpru-6qc8 | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |