Lucene search
+L

7 matches found

cve
cve
added 2026/06/25 7:38 p.m.31 views

CVE-2026-11310

The CVE-2026-11310 entry concerns wolfSSL’s X509_verify_cert() when built with --enable-opensslextra (OPENSSL_EXTRA) and used by applications that pass untrusted intermediates to X509_verify_cert(). The root cause is that wolfSSL temporarily loads untrusted intermediates into the certificate mana...

8.7CVSS5.9AI score0.00145EPSS
Exploits0References2Affected Software1
alpinelinux
alpinelinux
added 2026/06/25 7:38 p.m.10 views

CVE-2026-11310

X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra OPENSSLEXTRA and whose application validates certificates by calling X509verifycert with caller-supplied untrusted intermediate certificates; for...

8.7CVSS5.8AI score0.00145EPSS
Exploits0References2
nvd
nvd
added 2026/06/25 6:16 p.m.10 views

CVE-2026-11999

X.509 trust-chain bypass path-depth exhaustion in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra whose application calls X509verifycert with caller-supplied untrusted intermediates; for those users it is critical, otherwis...

8.2CVSS0.00145EPSS
Exploits0References2
euvd
euvd
added 2026/06/25 4:56 p.m.7 views

EUVD-2026-39496

X.509 trust-chain bypass path-depth exhaustion in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra whose application calls X509verifycert with caller-supplied untrusted intermediates; for those users it is critical, otherwis...

8.2CVSS5.9AI score0.00145EPSS
Exploits0References2
cve
cve
added 2026/06/25 4:56 p.m.29 views

CVE-2026-11999

CVE-2026-11999 affects wolfSSL when built with --enable-opensslextra. The X509_verify_cert() path-depth exhaustion in wolfSSL_X509_verify_cert() can allow an attacker-controlled certificate to be accepted if the caller supplies untrusted intermediates and the chain depth exceeds the verifier’s ma...

8.2CVSS5.9AI score0.00145EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/06/25 4:56 p.m.38 views

CVE-2026-11999 X.509 trust-chain bypass via path-depth exhaustion in wolfSSL_X509_verify_cert()

X.509 trust-chain bypass path-depth exhaustion in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra whose application calls X509verifycert with caller-supplied untrusted intermediates; for those users it is critical, otherwis...

8.2CVSS0.00145EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.26 views

PT-2026-52511

Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description A trust-chain bypass exists in the OpenSSL compatibility certificate verifier function wolfSSL X509 verify cert. This issue occurs in builds configured with --enable-opensslextra when an...

8.2CVSS5.8AI score0.00145EPSS
Exploits0References6
Rows per page
Query Builder