CVE-2021-3450

Related Vulnerabilities: CVE-2021-3450  

A flaw was found in OpenSSL. When an application sets the X509_V_FLAG_X509_STRICT verification flag (which enables additional security checks on the certificates in a chain and is not set by default) and does not configure a certificate purpose, the check confirming that every non-leaf certificate in the chain is a valid CA certificate is bypassed. The highest threat from this vulnerability is to data confidentiality and integrity.

Description

A flaw was found in OpenSSL. The X509_V_FLAG_X509_STRICT flag enables additional security checks on the certificates present in a certificate chain; it is not set by default. Starting with OpenSSL 1.1.1h, a strict-mode check that rejects certificates with explicitly encoded elliptic curve parameters was added. An error in the implementation of that check overwrote the result of the earlier check confirming that the certificates in the chain are valid CA certificates, so a certificate that is not a CA could be accepted as the issuer of another certificate. If a certificate purpose is configured, a later purpose check still rejects such a chain; libssl sets a purpose by default for TLS client and server verification, so an application is affected only if it explicitly sets X509_V_FLAG_X509_STRICT and either sets no purpose or overrides the default purpose. The highest threat from this vulnerability is to data confidentiality and integrity.

Statement

This flaw affects OpenSSL 1.1.1h and later only; older versions are not affected. OpenSSL itself does not set X509_V_FLAG_X509_STRICT by default, and the applications shipped with Red Hat Enterprise Linux that are built against OpenSSL do not use this flag either, so they are not affected by this flaw.

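A way to test an installed OpenSSL for this condition from the shell, as an added example that is not part of the Red Hat advisory or of OpenSSL's own test suite. It assumes the openssl command line tool is on PATH and relies on two of its documented behaviours: openssl verify sets no certificate purpose unless -purpose is given, and -x509_strict sets X509_V_FLAG_X509_STRICT. It builds two constructed chains, one whose intermediate is a real CA and one whose "intermediate" carries basicConstraints CA:FALSE, and verifies the leaf of each. A fixed OpenSSL (1.1.1k and later, as well as 1.0.2, which never had the bug) accepts the first and rejects the second with "invalid CA certificate"; OpenSSL 1.1.1h through 1.1.1j accepts both. The function and file names are the example's own.

```shell
#!/bin/sh
# Added example (not part of the Red Hat advisory or the OpenSSL project):
# reproduce the CVE-2021-3450 condition with the openssl CLI. "openssl verify"
# sets no purpose, and -x509_strict sets X509_V_FLAG_X509_STRICT, so a leaf
# issued by a certificate with basicConstraints CA:FALSE must be rejected.
set -e

# Minimal req config so the example does not depend on the system openssl.cnf.
write_req_cnf() {
  printf '[req]\ndistinguished_name = dn\nprompt = no\n[dn]\nCN = placeholder\n' > "$1"
}

# Usage: gen_chain <dir> <mid_is_ca: 1|0>
# Builds root (CA) -> mid -> leaf, where mid is a CA or a plain end-entity cert.
gen_chain() {
  d=$1; mid_is_ca=$2
  write_req_cnf "$d/req.cnf"
  for n in root mid leaf; do
    openssl req -new -newkey rsa:2048 -nodes -config "$d/req.cnf" \
      -subj "/CN=$n" -keyout "$d/$n.key" -out "$d/$n.csr" >/dev/null 2>&1
  done
  # Root: self-signed CA. Strict mode requires SKID and keyUsage on CA certs.
  printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign,cRLSign\nsubjectKeyIdentifier=hash\n' > "$d/root.ext"
  openssl x509 -req -in "$d/root.csr" -signkey "$d/root.key" -days 30 \
    -extfile "$d/root.ext" -out "$d/root.pem" >/dev/null 2>&1
  # Mid: either a real intermediate CA or (the CVE case) an end-entity cert.
  if [ "$mid_is_ca" = 1 ]; then
    printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign,cRLSign\n' > "$d/mid.ext"
  else
    printf 'basicConstraints=critical,CA:FALSE\nkeyUsage=critical,digitalSignature\n' > "$d/mid.ext"
  fi
  printf 'subjectKeyIdentifier=hash\nauthorityKeyIdentifier=keyid\n' >> "$d/mid.ext"
  openssl x509 -req -in "$d/mid.csr" -CA "$d/root.pem" -CAkey "$d/root.key" -CAcreateserial \
    -days 30 -extfile "$d/mid.ext" -out "$d/mid.pem" >/dev/null 2>&1
  # Leaf: signed with mid's key whether or not mid is allowed to issue.
  printf 'basicConstraints=critical,CA:FALSE\nkeyUsage=critical,digitalSignature\nsubjectKeyIdentifier=hash\nauthorityKeyIdentifier=keyid\nsubjectAltName=DNS:leaf.example\n' > "$d/leaf.ext"
  openssl x509 -req -in "$d/leaf.csr" -CA "$d/mid.pem" -CAkey "$d/mid.key" -CAcreateserial \
    -days 30 -extfile "$d/leaf.ext" -out "$d/leaf.pem" >/dev/null 2>&1
}

# Usage: strict_verify <dir>; exit status is openssl's (0 = chain accepted).
# No -purpose is given, which is the affected configuration.
strict_verify() {
  openssl verify -x509_strict -CAfile "$1/root.pem" -untrusted "$1/mid.pem" "$1/leaf.pem" >/dev/null 2>&1
}

# Returns 0 when this OpenSSL behaves correctly (accepts the proper chain and
# rejects the chain issued by a non-CA certificate), 1 when the CVE condition
# is reproduced, 2 when the control chain fails and the result is inconclusive.
check_openssl_strict_ca() {
  good=$(mktemp -d); bad=$(mktemp -d)
  gen_chain "$good" 1
  gen_chain "$bad" 0
  strict_verify "$good" || { echo "control chain unexpectedly rejected" >&2; return 2; }
  if strict_verify "$bad"; then
    echo "AFFECTED: -x509_strict accepted a leaf issued by a CA:FALSE certificate" >&2
    return 1
  fi
  echo "not affected: leaf issued by a CA:FALSE certificate was rejected"
  return 0
}
```

Run check_openssl_strict_ca against the OpenSSL you intend to ship with; the control chain exists so that a failure of the non-CA chain is attributable to the CA check rather than to some other strict-mode rejection (missing key identifiers, non-critical basicConstraints, and so on). Repeating the second verification with -purpose sslserver shows why the advisory limits the impact to applications that set no purpose.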

Additional Information

  • Bugzilla 1941547: CVE-2021-3450 openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT
  • CWE-295: Improper Certificate Validation
  • FAQ: Frequently asked questions about CVE-2021-3450