CVE-2020-9433

2020-02-2722:40:06

mitre

www.cve.org

AI Score

9.3

Confidence

High

EPSS

0.001

Percentile

45.1%

JSON

openssl_x509_check_email in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values.

References

github.com/zhaozg/lua-openssl/commit/a6dc186dd4b6b9e329a93cca3e7e3cfccfdf3cca