Search for vulnerabilities
| Vulnerability ID | VCID-av4q-73pk-tucd |
| Aliases |
CVE-2022-25640
|
| Summary | Improper Authentication In wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual authentication. A client can simply omit the `certificate_verify` message from the handshake, and never present a certificate. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 0.0 |
| Risk | None |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| epss | 0.05102 | https://api.first.org/data/v1/epss?cve=CVE-2022-25640 |
| epss | 0.05102 | https://api.first.org/data/v1/epss?cve=CVE-2022-25640 |
| epss | 0.05102 | https://api.first.org/data/v1/epss?cve=CVE-2022-25640 |
| epss | 0.05102 | https://api.first.org/data/v1/epss?cve=CVE-2022-25640 |
| epss | 0.05102 | https://api.first.org/data/v1/epss?cve=CVE-2022-25640 |
| epss | 0.05102 | https://api.first.org/data/v1/epss?cve=CVE-2022-25640 |
| epss | 0.05102 | https://api.first.org/data/v1/epss?cve=CVE-2022-25640 |
| epss | 0.05102 | https://api.first.org/data/v1/epss?cve=CVE-2022-25640 |
| epss | 0.05102 | https://api.first.org/data/v1/epss?cve=CVE-2022-25640 |
| epss | 0.05102 | https://api.first.org/data/v1/epss?cve=CVE-2022-25640 |
| epss | 0.05102 | https://api.first.org/data/v1/epss?cve=CVE-2022-25640 |
| Percentile | 0.89792 |
| EPSS Score | 0.05102 |
| Published At | April 2, 2026, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2026-04-01T12:49:36.620298+00:00 | GitLab Importer | Import | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/wolfssl/CVE-2022-25640.yml | 38.0.0 |