Approved changes feed: RSS · Atom

cpe:2.3:a:openbsd:libressl:2.5.2:*:*:*:*:*:*:*

part: a version: 2.5.2 update: *

VendorOpenbsd (932cdfc2-94b9-5fb6-8ef3-d0b271f414b5)
ProductLibressl (513ce91f-ac22-56f6-beb3-ac56aac3ae95)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:github/libressl-portable/openbsd purl2cpe 2026-06-01 10:17:37.639101
pkg:github/libressl-portable/portable purl2cpe 2026-06-01 10:17:37.639103
pkg:rpm/opensuse/libressl purl2cpe 2026-06-01 10:17:37.639104
pkg:sourceforge/libressl-3-2-0-for-windows purl2cpe 2026-06-01 10:17:37.639105

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2017-8301 vulnerable 2026-06-08 05:10:08.028409 Details available
LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if SSL_get_verify_result is relied upon for a later check of a verification result, in a use case where a user-provided verification callback returns 1, as demonstrated by acceptance of invalid certificates by nginx.
Published: 2017-04-27T17:00:00.000Z
Updated: 2024-08-05T16:34:22.062Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.