Security News > 2015 > July > OpenSSL Patches Critical Certificate Validation Vulnerability (Threatpost)

OpenSSL Patches Critical Certificate Validation Vulnerability (Threatpost)

2015-07-09 13:44

A high-severity bug in OpenSSL was disclosed today, and it affects only organizations that installed an update released in June, and allows anyone with an untrusted TLS certificate to become a CA.

News URL

http://threatpost.com/openssl-patches-critical-certificate-validation-vulnerability/113703

#critical #vulnerability #certificate #threatpost #openssl

Related news

Critical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized Access (source)
Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console (source)
PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection (source)
BeyondTrust Issues Urgent Patch for Critical Vulnerability in PRA and RS Products (source)
BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356) (source)
Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools (source)
Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Openssl		1	7	48	51	12	118

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.