Skip to content
The Nexus
SECURITYApr 13 · 19:56 UTCBLEEPING COMPUTERBill Toulas

Critical flaw in wolfSSL library enables forged certificate use

A critical vulnerability in the wolfSSL SSL/TLS library allows attackers to bypass certificate verification by improperly checking ECDSA signatures' hash algorithms or sizes. The flaw could enable forged certificate usage, compromising secure communications.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this