Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/06/06 12:43 p.m.18 views

CVE-2026-42791

A flaw was found in Erlang OTP's publickey application, specifically in the Online Certificate Status Protocol OCSP response verification. A remote attacker who has obtained the private key of an expired Certificate Authority CA-designated OCSP responder certificate can forge OCSP responses. This...

6.3CVSS5.9AI score0.00316EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2026/05/28 3:58 a.m.15 views

SUSE CVE-2026-42791

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkeyocsp:verifyresponse/5 and pubkeyocsp:isauthorizedresponder/3 in...

7.4CVSS5.8AI score0.00316EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 2:16 p.m.13 views

CVE-2026-42791

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkeyocsp:verifyresponse/5 and pubkeyocsp:isauthorizedresponder/3 in...

6.3CVSS0.00316EPSS
Exploits0References6
OSV
OSV
added 2026/05/27 2:16 p.m.7 views

UBUNTU-CVE-2026-42791

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkeyocsp:verifyresponse/5 and pubkeyocsp:isauthorizedresponder/3 in...

6.3CVSS5.8AI score0.00316EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/05/27 12:23 p.m.39 views

CVE-2026-42791 OCSP responder certificate validity period not checked in public_key

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkeyocsp:verifyresponse/5 and pubkeyocsp:isauthorizedresponder/3 in...

6.3CVSS0.00316EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/27 12:23 p.m.11 views

EUVD-2026-32273

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkeyocsp:verifyresponse/5 and pubkeyocsp:isauthorizedresponder/3 in...

6.3CVSS5.8AI score0.00316EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/27 12:23 p.m.10 views

CVE-2026-42791 OCSP responder certificate validity period not checked in public_key

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkeyocsp:verifyresponse/5 and pubkeyocsp:isauthorizedresponder/3 in...

6.3CVSS5.8AI score0.00316EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/05/27 12:23 p.m.13 views

CVE-2026-42791

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkeyocsp:verifyresponse/5 and pubkeyocsp:isauthorizedresponder/3 in...

6.3CVSS5.8AI score0.00316EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.12 views

PT-2026-43713

Name of the Vulnerable Software and Affected Versions Erlang OTP versions 27.0 through 27.3.4.11 Erlang OTP versions prior to 28.5.0.1 Erlang OTP versions prior to 29.0.1 public key versions 1.16 through 1.17.1.2 public key versions prior to 1.20.3.1 public key versions prior to 1.21.1 Descriptio...

6.3CVSS5.8AI score0.00316EPSS
Exploits0References33
Rows per page
Query Builder