CVE-2021-46880

Published: Apr 14, 2023

Modified: Feb 7, 2025

PUBLISHED

Description

x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.2-relnotes.txt

https://github.com/openbsd/src/commit/3f851282810fa0ab4b90b3b1ecec2e8717ef16f8

https://ftp.openbsd.org/pub/OpenBSD/patches/7.0/common/006_x509.patch.sig

https://security.netapp.com/advisory/ntap-20230517-0006/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-46880

Description

Affected Products

References