Security News > 2015 > July > OpenSSL Patches Critical Certificate Validation Vulnerability (Threatpost)

OpenSSL Patches Critical Certificate Validation Vulnerability (Threatpost)

2015-07-09 13:44

A high-severity bug in OpenSSL was disclosed today, and it affects only organizations that installed an update released in June, and allows anyone with an untrusted TLS certificate to become a CA.

News URL

http://threatpost.com/openssl-patches-critical-certificate-validation-vulnerability/113703

#critical #vulnerability #certificate #threatpost #openssl

Related news

Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution (source)
Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise (source)
Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Openssl		1	7	48	51	13	119

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.