VDB
CVE-2025-12889
CVE-2025-12889
PUBLISHED
CVSS 2.299999952316284 LOW
With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is supported, rather than those in the CertificateRequest.
EPSS 0.02% · 5.6th percentile
Risk Scores
CVSS v4.0
2.299999952316284
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
EPSS Score
0.02%
5.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| wolfSSL | wolfSSL | 0 |
| wolfssl | wolfssl | 5.8.4 |
Timeline
- Jan 21, 1970 Fix PR Merged
- Nov 7, 2025 CVE ID Reserved
- Nov 21, 2025 CVE Published
- Nov 22, 2025 EPSS Score
- Nov 22, 2025 Coalition ESS Score
- Nov 22, 2025 PoC Published
- Nov 27, 2025 EPSS Score
- Nov 30, 2025 Coalition ESS Score
- Dec 2, 2025 EPSS Score
- Dec 6, 2025 EPSS Score
- Dec 6, 2025 Coalition ESS Score
- Dec 8, 2025 CVE Updated