Lucene search
+L

46 matches found

redhatcve
redhatcve
added 2026/07/09 2:31 p.m.6 views

CVE-2026-42765

A flaw was found in OpenSSL. When an application is configured with specific non-default settings for certificate verification, including both Online Certificate Status Protocol OCSP response checking and partial chain verification, a NULL dereference can occur. This vulnerability can be triggere...

7.5CVSS7AI score0.00419EPSS
Exploits0References3
nvd
nvd
added 2026/06/25 6:16 p.m.11 views

CVE-2026-6091

Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. An attacker could present a chain that ends at an intermediate they control and have it accepted as valid. This affects the OpenSSL...

6.5CVSS0.00121EPSS
Exploits0References2
osv
osv
added 2026/06/25 6:16 p.m.5 views

UBUNTU-CVE-2026-6091

Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. An attacker could present a chain that ends at an intermediate they control and have it accepted as valid. This affects the OpenSSL...

6.5CVSS5.8AI score0.00121EPSS
Exploits0References3
debiancve
debiancve
added 2026/06/25 4:46 p.m.8 views

CVE-2026-6091

Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. An attacker could present a chain that ends at an intermediate they control and have it accepted as valid. This affects the OpenSSL...

6.5CVSS5.9AI score0.00121EPSS
Exploits0
euvd
euvd
added 2026/06/25 4:46 p.m.10 views

EUVD-2026-39486

Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. An attacker could present a chain that ends at an intermediate they control and have it accepted as valid. This affects the OpenSSL...

6CVSS5.9AI score0.00121EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/25 4:46 p.m.7 views

CVE-2026-6091

Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. An attacker could present a chain that ends at an intermediate they control and have it accepted as valid. This affects the OpenSSL...

6CVSS5.9AI score0.00121EPSS
Exploits0References3Affected Software1
cve
cve
added 2026/06/25 4:46 p.m.23 views

CVE-2026-6091

Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. The vulnerability affects the wolfSSL OpenSSL compatibility certificate-path-building path (wolfSSL_X509_verify_cert / X509_STORE, OPENSSL_E...

6.5CVSS5.9AI score0.00121EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/06/25 4:46 p.m.21 views

CVE-2026-6091 Partial-chain verification accepts untrusted intermediate as trust anchor

Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. An attacker could present a chain that ends at an intermediate they control and have it accepted as valid. This affects the OpenSSL...

6CVSS0.00121EPSS
Exploits0References2
alpinelinux
alpinelinux
added 2026/06/25 4:46 p.m.9 views

CVE-2026-6091

Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. An attacker could present a chain that ends at an intermediate they control and have it accepted as valid. This affects the OpenSSL...

6.5CVSS5.8AI score0.00121EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in curl

When performing TLS-related transfers using reused easy or multi-handles, and altering the CURLSSLOPTNOPARTIALCHAIN option, libcurl may accidentally reuse a CA store cached in memory, where the partial chain option is reversed. This goes against the user’s wishes and expectations. As a result,...

5.3CVSS6.9AI score0.00679EPSS
Exploits0References3
nessus
nessus
added 2026/06/10 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-42765

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen...

7.5CVSS5.6AI score0.00419EPSS
Exploits0References2
euvd
euvd
added 2026/06/09 6:30 p.m.15 views

EUVD-2026-35482

Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen if the verified chain does not have a self-signed trusted anchor, crashing the process. Impact summary: A NULL pointer dereference can...

7.5CVSS5.6AI score0.00419EPSS
Exploits0References4
nvd
nvd
added 2026/06/09 5:17 p.m.17 views

CVE-2026-42765

Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen if the verified chain does not have a self-signed trusted anchor, crashing the process. Impact summary: A NULL pointer dereference can...

7.5CVSS0.00419EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/06/09 4:3 p.m.11 views

CVE-2026-42765 NULL Dereference in Certificate Verification with OCSP Checking

Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen if the verified chain does not have a self-signed trusted anchor, crashing the process. Impact summary: A NULL pointer dereference can...

5.6AI score0.00419EPSS
Exploits0References3
cvelist
cvelist
added 2026/06/09 4:3 p.m.37 views

CVE-2026-42765 NULL Dereference in Certificate Verification with OCSP Checking

Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen if the verified chain does not have a self-signed trusted anchor, crashing the process. Impact summary: A NULL pointer dereference can...

0.00419EPSS
Exploits0References3
osv
osv
added 2026/06/09 4:3 p.m.1 views

CVE-2026-42765 NULL Dereference in Certificate Verification with OCSP Checking

Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen if the verified chain does not have a self-signed trusted anchor, crashing the process. Impact summary: A NULL pointer dereference can...

7.5CVSS7.1AI score0.00419EPSS
Exploits0References5
cve
cve
added 2026/06/09 4:3 p.m.36 views

CVE-2026-42765

CVE-2026-42765 describes a NULL dereference in certificate verification when OCSP response checking is enabled together with partial-chain verification. The issue triggers a crash (Denial of Service) if the verified chain lacks a self-signed trusted anchor, because for the last certificate the is...

7.5CVSS5.6AI score0.00419EPSS
Exploits0References3Affected Software1
debiancve
debiancve
added 2026/06/09 4:3 p.m.13 views

CVE-2026-42765

Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen if the verified chain does not have a self-signed trusted anchor, crashing the process. Impact summary: A NULL pointer dereference can...

7.5CVSS5.5AI score0.00419EPSS
Exploits0
ptsecurity
ptsecurity
added 2026/06/09 12:0 a.m.17 views

PT-2026-47835

Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen if the verified chain does not have a self-signed trusted anchor, crashing the process. Impact summary: A NULL pointer dereference can...

5.6AI score0.00419EPSS
Exploits0References4
osv
osv
added 2026/05/04 1:12 p.m.7 views

JLSEC-2026-429 When doing TLS related transfers with reused easy or multi handles and altering the ...

When doing TLS related transfers with reused easy or multi handles and altering the CURLSSLOPTNOPARTIALCHAIN option, libcurl could accidentally reuse a CA store cached in memory for which the partial chain option was reversed. Contrary to the user's wishes and expectations. This could make libcur...

5.3CVSS6AI score0.00679EPSS
Exploits0References5
Rows per page
Query Builder