CVE-2009-0642

Priority
Description
ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check the
return value from the OCSP_basic_verify function, which might allow remote
attackers to successfully present an invalid X.509 certificate, possibly
involving a revoked certificate.
Assigned-to
mdeslaur
More Information

Updated: 2019-03-19 11:49:05 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)