Bug 2453204 (CVE-2026-32883)
| Summary: | CVE-2026-32883 Botan: Botan: Compromised certificate validation integrity via unverified OCSP response signatures | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | Keywords: | Security |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | | Doc Type: | --- |
| Doc Text: | A flaw was found in Botan. During X.509 path validation, the signature of Online Certificate Status Protocol (OCSP) responses was not verified. A remote attacker could supply forged OCSP responses, potentially leading to the acceptance of revoked certificates and compromising the integrity of certificate validation. | Story Points: | --- |
| Clone Of: | | Environment: | |
| Last Closed: | | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2453750, 2453751, 2453752, 2453753, 2453754, 2453755 | ||
| Bug Blocks: | |||
Description
OSIDB Bzimport
2026-03-30 21:02:28 UTC