With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is supported, rather than those in the CertificateRequest. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, low attack complexity.
Information Disclosure
Wolfssl
NVD
GitHub
CVSS 4.0
2.3
EPSS
0.0%