6 matches found
JLSEC-2026-236 Applications that use a non-default option when verifying certificates may be vulnerable to an...
Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that...
OpenSSL Security Advisory [28th March 2023] (CVE-2023-0465, CVE-2023-0466)
Multiple OpenSSL Vulnerabilities released on28th March 2023 Invalid certificate policies in leaf certificates are silently ignored CVE-2023-0465 ========================================================= Applications that use a non-default option when verifying certificates may be vulnerable to an...
openssl: Invalid certificate policies in leaf certificates are silently ignored
A flaw was found in OpenSSL. Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. OpenSSL and other certificate policy checks silently ignore invalid certificate policies in leaf certificates that a...
openssl: Invalid certificate policies in leaf certificates are silently ignored
A flaw was found in OpenSSL. Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. OpenSSL and other certificate policy checks silently ignore invalid certificate policies in leaf certificates that a...
ALPINE-CVE-2023-0465
Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that...
DEBIAN-CVE-2023-0465
Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that...