wolfSSL · wolfSSL · CVE-2023-6936
**Name of the Vulnerable Software and Affected Versions**
wolfSSL versions prior to 5.6.6
**Description**
If callback functions are enabled at build time via the `WOLFSSL_CALLBACKS` define, a malicious TLS client or a network attacker can trigger a 5-byte heap buffer over-read. `WOLFSSL_CALLBACKS` is a debugging aid only and is not intended for production builds, so builds without it are not affected.
**Recommendations**
Update to wolfSSL 5.6.6 or later. As a temporary mitigation, rebuild without the `WOLFSSL_CALLBACKS` define; since it is a debugging-only option, production builds should not enable it in the first place.
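The advisory's exposure condition is a conjunction: a version before 5.6.6 AND a build configured with `WOLFSSL_CALLBACKS`. The following triage helper is an added example, not code from the wolfSSL project. It assumes that the build's configure-time defines are recorded as `#define` lines in `wolfssl/options.h` (the usual installed location is `/usr/local/include/wolfssl/options.h`) and that `pkg-config --modversion wolfssl` reports the installed version; the demo runs against a constructed header rather than a real install.

```sh
#!/bin/sh
# Added triage helper for CVE-2023-6936 (not part of wolfSSL). A build is exposed
# only when BOTH hold: version earlier than 5.6.6 AND WOLFSSL_CALLBACKS defined.

FIXED_VERSION="5.6.6"

# version_lt A B : succeed if dotted version A is numerically lower than B,
# comparing component by component (so 5.6.10 is NOT lower than 5.6.6).
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            xi = (i <= na) ? x[i] + 0 : 0
            yi = (i <= nb) ? y[i] + 0 : 0
            if (xi < yi) exit 0
            if (xi > yi) exit 1
        }
        exit 1
    }'
}

# callbacks_enabled FILE : succeed if the build header defines WOLFSSL_CALLBACKS.
# Assumes wolfSSL's generated wolfssl/options.h layout (one "#define X" per line).
callbacks_enabled() {
    grep -Eq '^[[:space:]]*#[[:space:]]*define[[:space:]]+WOLFSSL_CALLBACKS([[:space:]]|$)' "$1"
}

# affected VERSION FILE : succeed (i.e. "affected") only when both conditions hold.
affected() {
    version_lt "$1" "$FIXED_VERSION" && callbacks_enabled "$2"
}

# Stand-alone demo on a constructed options.h, not taken from a real install.
demo() {
    tmp=$(mktemp)
    printf '#define WOLFSSL_TLS13\n#define WOLFSSL_CALLBACKS\n' > "$tmp"
    if affected "5.6.4" "$tmp"; then
        echo "5.6.4 with WOLFSSL_CALLBACKS: affected, upgrade or drop the define"
    fi
    if ! affected "5.6.6" "$tmp"; then
        echo "5.6.6 with WOLFSSL_CALLBACKS: not affected by this CVE"
    fi
    rm -f "$tmp"
}

demo
```

Against a real installation, call `affected "$(pkg-config --modversion wolfssl)" /usr/local/include/wolfssl/options.h` (adjust the header path to the install prefix). Because the vulnerable path only exists when the debugging define is present, a build that has `WOLFSSL_CALLBACKS` set is the real finding here regardless of version, since it should not be in production at all.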