Lucene search
K

6 matches found

OSV
OSV
added 2026/04/27 6:33 p.m.10 views

JLSEC-2026-236 Applications that use a non-default option when verifying certificates may be vulnerable to an...

Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that...

5.3CVSS6.3AI score0.01583EPSS
Exploits0References12
Broadcom
Broadcom
added 2024/04/17 12:0 a.m.7 views

OpenSSL Security Advisory [28th March 2023] (CVE-2023-0465, CVE-2023-0466)

Multiple OpenSSL Vulnerabilities released on28th March 2023 Invalid certificate policies in leaf certificates are silently ignored CVE-2023-0465 ========================================================= Applications that use a non-default option when verifying certificates may be vulnerable to an...

5.3CVSS6.9AI score0.01625EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2023/12/07 1:55 p.m.3 views

openssl: Invalid certificate policies in leaf certificates are silently ignored

A flaw was found in OpenSSL. Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. OpenSSL and other certificate policy checks silently ignore invalid certificate policies in leaf certificates that a...

5.3CVSS6.5AI score0.01583EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/12/07 12:21 p.m.4 views

openssl: Invalid certificate policies in leaf certificates are silently ignored

A flaw was found in OpenSSL. Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. OpenSSL and other certificate policy checks silently ignore invalid certificate policies in leaf certificates that a...

5.3CVSS6.5AI score0.01583EPSS
Exploits0References5
OSV
OSV
added 2023/03/28 3:15 p.m.2 views

ALPINE-CVE-2023-0465

Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that...

5.3CVSS7AI score0.01583EPSS
Exploits0References1
OSV
OSV
added 2023/03/28 3:15 p.m.2 views

DEBIAN-CVE-2023-0465

Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that...

5.3CVSS6.2AI score0.01583EPSS
Exploits0References1
Rows per page
Query Builder