Wolfssl: >> Wolfssl >> 4.7.0 Security Vulnerabilities
wolfSSL before 4.8.1 incorrectly skips OCSP verification in certain situations of irrelevant response data that contains the NoCheck extension.
CVSS Score
5.9
EPSS Score
0.005
Published
2021-08-12
wolfSSL 4.6.x through 4.7.x before 4.8.0 does not produce a failure outcome when the serial number in an OCSP request differs from the serial number in the OCSP response.
CVSS Score
9.8
EPSS Score
0.015
Published
2021-07-21
Page 6