wolfSSL before 3.11.0 does not prevent wc_DhAgree from accepting a malformed DH key. https://nvd.nist.gov/vuln/detail/CVE-2017-8855