Wolfssl · Wolfssl · CVE-2021-44718
**Name of the Vulnerable Software and Affected Versions**
wolfSSL versions through 5.0.0
**Description**
The issue allows an attacker to cause a denial of service and infinite loop in the client component by sending crafted traffic from a Machine-in-the-Middle (MITM) position. The root cause is that the client module accepts TLS messages that normally are only sent to TLS servers.
**Recommendations**
For wolfSSL versions through 5.0.0, update to a version later than 5.0.0 to resolve the issue. As a temporary workaround, consider restricting the acceptance of TLS messages in the client module to prevent infinite loops.