3 matches found
PT-2026-54037
Name of the Vulnerable Software and Affected Versions: Capgo versions prior to 12.128.2
Description: Authenticated organization administrators can bypass server-side validation within organization security settings to persist an invalid security policy state. This is achieved by directly updating t...
The vulnerability of the OpenSSL cryptographic library, related to errors in the certificate validation process, allows a perpetrator to bypass the certificate policy checks.
The vulnerability in the OpenSSL cryptographic library stems from invalid certificate policies in certificate chains being ignored, so that policy checks are skipped for that certificate. Exploiting this vulnerability allows a malicious actor to bypass certificate policy checks remotely...
AZL-31145 CVE-2023-0465 affecting package edk2 for versions less than 20230301gitf80f052277c8-37
Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that...