4 matches found
httpd: mod_md: unrestricted OCSP response leads to resource exhaustion
A flaw was found in the modmd module of httpd. When processing OCSP Online Certificate Status Protocol responses from a malicious or compromised OCSP responder, the module fails to enforce proper size limits on the incoming data. This issue leads to memory exhaustion and a denial of service...
httpd: mod_md: unrestricted OCSP response leads to resource exhaustion
A flaw was found in the modmd module of httpd. When processing OCSP Online Certificate Status Protocol responses from a malicious or compromised OCSP responder, the module fails to enforce proper size limits on the incoming data. This issue leads to memory exhaustion and a denial of service...
UBUNTU-CVE-2026-32883
Botan is a C++ cryptography library. From version 3.0.0 to before version 3.11.0, during X509 path validation, OCSP responses were checked for an appropriate status code, but critically omitted verifying the signature of the OCSP response itself. This issue has been patched in version 3.11.0...
The vulnerability of the software for interacting with servers via CURL is related to errors in the certificate validation process, which allows attackers to compromise data integrity.
The vulnerability of the software for interacting with servers via CURL is related to errors in the certificate validation process. Exploiting this vulnerability allows a malicious actor to manipulate data integrity through OCSP responses...