CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-37155

wolfSSL 4.6.x through 4.7.x before 4.8.0 does not produce a failure outcome when the serial number in an OCSP request differs from the serial number in the OCSP response.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.1%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/wolfSSL/wolfssl/pull/3990
https://github.com/wolfSSL/wolfssl/releases/tag/v4.8.0-stable
https://github.com/wolfSSL/wolfssl/pull/3990
https://github.com/wolfSSL/wolfssl/releases/tag/v4.8.0-stable

Products affected by CVE-2021-37155

Wolfssl » Wolfssl » Version: 4.6.0

cpe:2.3:a:wolfssl:wolfssl:4.6.0
Wolfssl » Wolfssl » Version: 4.7.0

cpe:2.3:a:wolfssl:wolfssl:4.7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-37155

Products

Pricing

Contact Us