Search for packages
| purl | pkg:deb/debian/wolfssl@5.2.0-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-av4q-73pk-tucd | Improper Authentication In wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual authentication. A client can simply omit the `certificate_verify` message from the handshake, and never present a certificate. |
CVE-2022-25640
|
| VCID-mtcu-yhz9-c7b8 | Improper Certificate Validation In wolfSSL before 5.2.0, certificate validation may be bypassed during attempted authentication by a TLS 1.3 client to a TLS 1.3 server. This occurs when the `sig_algo` field differs between the `certificate_verify` message and the certificate message. |
CVE-2022-25638
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T11:01:31.373483+00:00 | Debian Importer | Fixing | VCID-av4q-73pk-tucd | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T08:41:14.006196+00:00 | Debian Importer | Fixing | VCID-mtcu-yhz9-c7b8 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T07:29:03.095867+00:00 | Debian Importer | Fixing | VCID-av4q-73pk-tucd | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-11T17:50:19.915724+00:00 | Debian Importer | Fixing | VCID-mtcu-yhz9-c7b8 | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:57:43.192855+00:00 | Debian Importer | Fixing | VCID-av4q-73pk-tucd | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:57:43.145515+00:00 | Debian Importer | Fixing | VCID-mtcu-yhz9-c7b8 | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |