CVE-2017-1000417

MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyUsage extension) on X.509 certificates.
Configurations

Configuration 1 (hide)

cpe:2.3:a:matrixssl:matrixssl:3.7.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-01-22 23:29

Updated : 2023-12-10 12:30


NVD link : CVE-2017-1000417

Mitre link : CVE-2017-1000417

CVE.ORG link : CVE-2017-1000417


JSON object : View

Products Affected

matrixssl

  • matrixssl
CWE
CWE-295

Improper Certificate Validation