7 matches found
SUSE CVE-2026-32144
Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows OCSP designated-responder authorization bypass via missing signature verification. The OCSP response validation in publickey:pkixocspvalidate/5 does not verify that a CA-designated responder certificate...
Linux Distros Unpatched Vulnerability : CVE-2026-32144
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows OCSP designated-responder authorization bypass via missing...
DEBIAN-CVE-2026-32144
Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows OCSP designated-responder authorization bypass via missing signature verification. The OCSP response validation in publickey:pkixocspvalidate/5 does not verify that a CA-designated responder certificate...
CVE-2026-32144
Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows OCSP designated-responder authorization bypass via missing signature verification. The OCSP response validation in publickey:pkixocspvalidate/5 does not verify that a CA-designated responder certificate...
CVE-2026-32144
The CVE affects Erlang OTP’s public_key OCSP validation path (pubkey_ocsp module, pkix_ocsp_validate/5) where OCSP responder verification omits cryptographic signature validation of CA-designated responders. Instead, it only checks issuer name matching and OCSPSigning EKU, enabling a maliciously ...
CVE-2026-32144 OCSP designated-responder authorization bypass via missing signature verification
Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows OCSP designated-responder authorization bypass via missing signature verification. The OCSP response validation in publickey:pkixocspvalidate/5 does not verify that a CA-designated responder certificate...
EEF-CVE-2026-32144 OCSP designated-responder authorization bypass via missing signature verification
Summary Improper Certificate Validation vulnerability in Erlang OTP public\key pubkey\ocsp module allows OCSP designated-responder authorization bypass via missing signature verification. The OCSP response validation in public\key:pkix\ocsp\validate/5 does not verify that a CA-designated responde...