CVE-2021-3336: Improper Certificate Validation
(updated )
DoTls13CertificateVerify
in tls13.c
in wolfSSL does not cease processing for certain anomalous peer behavior (sending an ED22519, ED448, ECC, or RSA signature without the corresponding certificate).
References
Detect and mitigate CVE-2021-3336 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →