CVE-2021-38597
Published
CVSS v3
5.9
MEDIUM
CVSS v2
4.3
MEDIUM
Affected
1
PROJECT
Description
wolfSSL before 4.8.1 incorrectly skips OCSP verification in certain situations of irrelevant response data that contains the NoCheck extension.
The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3 and DTLS 1.3! Update to wolfSSL 5.9.1 for the latest CVE fixes.
GitHub