Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-11932

The server previously verified the TLS 1.3 PSK binder using a non-constant time method which could potentially leak information about the PSK binder

Published

2025-11-21T23:15:44.097

Last Modified

2025-12-04T16:09:31.650

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-203

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	wolfssl	wolfssl	5.8.2	Yes

References

https://github.com/wolfSSL/wolfssl/pull/9223 Issue Tracking, Patch ([email protected])