x509/x509_verify.c in LibreSSL prior to 3.4.2, and OpenBSD prior to 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openbsd openbsd |
||
openbsd libressl |