2 matches found
CVE-2026-3336
This CVE affects AWS-LC: improper certificate validation in PKCS7_verify() can bypass certificate chain verification for PKCS7 objects with multiple signers (excluding the final signer). Impact is high (integrity risk) with network attack potential. AWS customers are not required to act, but appl...
openssl: Signer certificate verification returns inaccurate response when using OCSP_NOCHECKS
A flaw was found in OpenSSL's Online Certificate Status Protocol OCSP response functionality in the signer certificate verification routines. This flaw could result in a linked application falsely believing that an x.509 Digital Certificate is either "good" or "unknown" when revoked and requires...