Aina Toky Rasoamanana

**Name of the Vulnerable Software and Affected Versions** wolfSSL versions prior to 5.2.0 **Description** The issue allows certificate validation to be bypassed during attempted authentication by a TLS 1.3 client to a TLS 1.3 server. This occurs when the `sig algo` field differs between the `certificate verify` message and the `certificate` message. **Recommendations** For versions prior to 5.2.0, update to version 5.2.0 or later to resolve the issue. As a temporary workaround, consider restricting TLS 1.3 connections until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** wolfSSL versions prior to 4.7.0 **Description** The issue arises from the `DoTls13CertificateVerify` function in `tls13.c`, which does not properly handle anomalous peer behavior. Specifically, it continues processing when it receives an ED22519, ED448, ECC, or RSA signature without the corresponding certificate. This affects the client side, allowing man-in-the-middle attackers to impersonate TLS 1.3 servers. **Recommendations** For versions prior to 4.7.0, update to version 4.7.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `DoTls13CertificateVerify` function in `tls13.c` until a patch is available.