cvedb.io
CVE-2022-43974
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2023-01-09T09:15:10.043 · Last modified 2026-06-17T05:07:34.493

Summary

MatrixSSL 4.0.4 through 4.5.1 has an integer overflow in matrixSslDecodeTls13. A remote attacker might be able to send a crafted TLS Message to cause a buffer overflow and achieve remote code execution. This is fixed in 4.6.0.

Affected products

matrixssl — matrixssl

Does this affect you?

Add your gear to cvedb and we'll alert you only when matrixssl ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.