CVE-2020-24585: Cryptographic Issues

August 21, 2020 (updated August 26, 2020)

An issue was discovered in the DTLS handshake implementation in wolfSSL. Clear DTLS application_data messages in epoch 0 do not produce an out-of-order error. Instead, these messages are returned to the application.

References

nvd.nist.gov/vuln/detail/CVE-2020-24585

Code Behaviors & Features

Detect and mitigate CVE-2020-24585 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →