VDB

GCVE-110-MAGEIA-2015-274

GCVE-110-MAGEIA-2015-274
Advisory Published
Vulnetix · Advisory published July 10, 2015
During certificate verification, OpenSSL (starting from version 1.0.1n and 1.0.2b) will attempt to find an alternative certificate chain if the first attempt to build such a chain fails. An error in the implementation of this logic can mean that an attacker could cause certain checks on untrusted certificates to be bypassed, such as the CA flag, enabling them to use a valid leaf certificate to act as a CA and "issue" an invalid certificate (CVE-2015-1793).

Affected Products

VendorProductVersionsPlatforms
Mageiaopenssl0 (affected), 1.0.1p-1.mga4 (unaffected)
Mageiaopenssl0 (affected), 1.0.2d-1.mga5 (unaffected)

Browse GCVE Records

73,738 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›