CNNVD-202601-1367 Information

CNNVD ID

CNNVD-202601-1367

Related CVE

CVE-2025-15346

• CNNVD Published: 2026-01-08

Description (Chinese)

wolfssl-py是wolfSSL开源的一个Python打包工具。 wolfssl-py 5.8.2及之前版本存在安全漏洞，该漏洞源于未完全强制执行客户端证书要求，可能导致身份验证不当和绕过相互TLS客户端身份验证。

Description (English)

Wolfssl-py is a Python packing tool for the open source of WolfsSL. There is a security loophole in the wolfsl-py 5.8.2 and earlier versions, which stems from the incomplete enforcement of customer certificate requirements, which may lead to inappropriate authentication and circumvention of mutual TLS client identification.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

wolfSSL

Published

2026-01-08

Last Modified

2026-02-24

References

https://github.com/wolfSSL/wolfssl-py/commit/b4517dece79f682a8f453abce5cfc0b81bae769d https://github.com/wolfSSL/wolfssl-py/pull/62 https://github.com/wolfSSL/wolfssl-py/releases/tag/v5.8.4-stable

Patch

https://github.com/wolfSSL/wolfssl-py/releases