Search for vulnerabilities
| Vulnerability ID | VCID-fczc-rsag-5bdq |
| Aliases |
CVE-2017-2800
|
| Summary | A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL through 3.10.2 resulting in potential certificate validation vulnerabilities, denial of service and possible remote code execution. In order to trigger this vulnerability, the attacker needs to supply a malicious x509 certificate to either a server or a client application using this library. |
| Status | Published |
| Exploitability | None |
| Weighted Severity | None |
| Risk | None |
| Affected and Fixed Packages | Package Details |
| There are no known CWE. |
| System | Score | Found at |
|---|---|---|
| epss | 0.08887 | https://api.first.org/data/v1/epss?cve=CVE-2017-2800 |
| epss | 0.08887 | https://api.first.org/data/v1/epss?cve=CVE-2017-2800 |
| epss | 0.08887 | https://api.first.org/data/v1/epss?cve=CVE-2017-2800 |
| epss | 0.08887 | https://api.first.org/data/v1/epss?cve=CVE-2017-2800 |
| epss | 0.08887 | https://api.first.org/data/v1/epss?cve=CVE-2017-2800 |
| epss | 0.08887 | https://api.first.org/data/v1/epss?cve=CVE-2017-2800 |
| epss | 0.08887 | https://api.first.org/data/v1/epss?cve=CVE-2017-2800 |
| epss | 0.08887 | https://api.first.org/data/v1/epss?cve=CVE-2017-2800 |
| epss | 0.08887 | https://api.first.org/data/v1/epss?cve=CVE-2017-2800 |
| Reference id | Reference type | URL |
|---|---|---|
| https://api.first.org/data/v1/epss?cve=CVE-2017-2800 | ||
| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2800 | ||
| 862154 | https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862154 | |
| CVE-2017-2800 | Exploit | https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41984.txt |
| CVE-2017-2800 | Exploit | http://www.talosintelligence.com/reports/TALOS-2017-0293/ |
| Data source | Exploit-DB |
|---|---|
| Date added | May 9, 2017 |
| Description | wolfSSL 3.10.2 - x509 Certificate Text Parsing Off-by-One |
| Ransomware campaign use | Unknown |
| Source publication date | May 9, 2017 |
| Exploit type | dos |
| Platform | multiple |
| Source update date | May 9, 2017 |
| Source URL | http://www.talosintelligence.com/reports/TALOS-2017-0293/ |
| Percentile | 0.92525 |
| EPSS Score | 0.08887 |
| Published At | April 1, 2026, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2026-04-01T16:32:39.287518+00:00 | Debian Oval Importer | Import | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 38.0.0 |