216.73.216.197

CVE-2026-42791

· Published 27/05/2026 14:16 · Modified 27/05/2026 19:38

Labels: CVE-2026-42791 2026-05-276b3ad84c-e1a6-4bf7-a703-f496b71e49dbCVE-2026-42791CWE-295

Essential information

Published
27/05/2026 14:16
Modified
27/05/2026 19:38
Author
Creator
CVSS
6.3 MEDIUM (v3) 6.3 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkey_ocsp:verify_response/5 and pubkey_ocsp:is_authorized_responder/3 in lib/public_key/src/pubkey_ocsp.erl does not check the validity period (notBefore/notAfter) of the OCSP responder certificate. An attacker who has obtained the private key of an expired CA-designated OCSP responder certificate can forge OCSP responses that Erlang/OTP accepts as valid. This affects TLS clients using OCSP stapling via the ssl application: a malicious or compromised server can present a revoked TLS certificate together with a forged OCSP response signed by an expired responder key, and the client will accept the revoked certificate as valid. It also affects applications calling public_key:pkix_ocsp_validate/5 directly, where the impact depends on the use case — server-side client certificate validation using this API may allow authentication bypass with a revoked client certificate. This issue affects OTP from OTP 27.0 before OTP 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 1.16 before 1.17.1.3, 1.20.3.1, and 1.21.1.

NVD status

Status
Undergoing Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
6b3ad84c-e1a6-4bf7-a703-f496b71e49db
NVD
View on NVD

Affected products (CPE)

ProductCPE
erlang / otp cpe:2.3:a:erlang:otp:27.0-27.3.4.12:*:*:*:*:*:*:*
erlang / public key cpe:2.3:a:erlang:public_key:1.16-1.17.1.3:*:*:*:*:*:*:*
erlang / public key cpe:2.3:a:erlang:public_key:1.20.3.1:*:*:*:*:*:*:*
erlang / public key cpe:2.3:a:erlang:public_key:1.21.1:*:*:*:*:*:*:*

References