Eclipse: >> Tinydtls >> 0.8.2 Security Vulnerabilities
Eclipse TinyDTLS through 0.9-rc1 relies on the rand function in the C library, which makes it easier for remote attackers to compute the master key and then decrypt DTLS traffic.
CVSS Score
7.5
EPSS Score
0.002
Published
2021-07-08
Eclipse tinydtls 0.8.2 for Eclipse IoT allows remote attackers to cause a denial of service (DTLS peer crash) by sending a "Change cipher spec" packet without pre-handshake.
CVSS Score
7.5
EPSS Score
0.008
Published
2017-03-24