Vulnerabilities > Openbsd > Libressl
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-27 | CVE-2017-8301 | Improper Certificate Validation vulnerability in Openbsd Libressl 2.5.1/2.5.2/2.5.3 LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if SSL_get_verify_result is relied upon for a later check of a verification result, in a use case where a user-provided verification callback returns 1, as demonstrated by acceptance of invalid certificates by nginx. | 5.3 |