5 matches found
openssl: Certificate policy check not enabled
A flaw was found in OpenSSL. The X509VERIFYPARAMadd0policy function is documented to enable the certificate policy check when doing certificate verification implicitly. However, implementing the function does not enable the check, allowing certificates with invalid or incorrect policies to pass t...
SUSE CVE-2023-0465
Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that...
AZL-37716 CVE-2023-0465 affecting package hvloader for versions less than 1.0.1-9
Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that...
AZL-31145 CVE-2023-0465 affecting package edk2 for versions less than 20230301gitf80f052277c8-37
Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that...
ALPINE-CVE-2023-0466
The function X509VERIFYPARAMadd0policy is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate...