Common Weakness Enumeration

CWE-295

Allowed

Improper Certificate Validation

Abstraction: Base · Status: Draft

The product does not validate, or incorrectly validates, a certificate.

1908 vulnerabilities reference this CWE, most recent first.

GHSA-2JP3-FVM5-PQ7W

Vulnerability from github – Published: 2022-05-17 00:26 – Updated: 2022-05-17 00:26
VLAI
Details

niconico App for iOS before 6.38 does not verify SSL certificates which could allow remote attackers to execute man-in-the-middle attacks.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2015-5639"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-10-10T16:29:00Z",
    "severity": "HIGH"
  },
  "details": "niconico App for iOS before 6.38 does not verify SSL certificates which could allow remote attackers to execute man-in-the-middle attacks.",
  "id": "GHSA-2jp3-fvm5-pq7w",
  "modified": "2022-05-17T00:26:26Z",
  "published": "2022-05-17T00:26:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5639"
    },
    {
      "type": "WEB",
      "url": "http://blog.nicovideo.jp/niconews/ni055746.html"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/en/jp/JVN20355129/index.html"
    },
    {
      "type": "WEB",
      "url": "http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000137.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/76906"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2M7G-9Q74-9M3Q

Vulnerability from github – Published: 2020-05-06 20:49 – Updated: 2021-08-25 21:06
VLAI
Summary
Improper Certificate Validation in Apache Beam
Details

The Apache Beam MongoDB connector in versions 2.10.0 to 2.16.0 has an option to disable SSL trust verification. However this configuration is not respected and the certificate verification disables trust verification in every case. This exclusion also gets registered globally which disables trust checking for any code running in the same JVM.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.16.0"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.beam:beam-sdks-java-io-mongodb"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.10.0"
            },
            {
              "fixed": "2.17.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-1929"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-05-06T20:48:51Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "The Apache Beam MongoDB connector in versions 2.10.0 to 2.16.0 has an option to disable SSL trust verification. However this configuration is not respected and the certificate verification disables trust verification in every case. This exclusion also gets registered globally which disables trust checking for any code running in the same JVM.",
  "id": "GHSA-2m7g-9q74-9m3q",
  "modified": "2021-08-25T21:06:45Z",
  "published": "2020-05-06T20:49:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1929"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/beam/commit/a7dd23d95d2d214b4110781b5a28802bd43b834b"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/beam"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rdd0e85b71bf0274471b40fa1396d77f7b2d1165eaea4becbdc69aa04%40%3Cuser.beam.apache.org%3E"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Improper Certificate Validation in Apache Beam"
}

GHSA-2MC2-G238-722J

Vulnerability from github – Published: 2026-03-03 21:35 – Updated: 2026-03-03 21:35
VLAI
Summary
OpenClaw affected by iMessage remote attachment SCP hardening (strict host-key checks and remoteHost validation)
Details

Summary

Remote iMessage attachment fetches used SCP with trust-on-first-use host-key behavior and accepted unvalidated remote host tokens.

Before the fix: - SCP used StrictHostKeyChecking=accept-new in the remote attachment path. - channels.imessage.remoteHost was not validated as a strict SSH host token.

Impact

In remote iMessage deployments that use SCP attachment fetching, a first-connection MITM/DNS-poisoning scenario could cause the wrong host key to be trusted. Unsafe remote host token values could also alter SCP argument semantics.

Affected Packages / Versions

  • Package: openclaw (npm)
  • Latest published npm version currently affected: 2026.2.17
  • Vulnerable range (structured field): <= 2026.2.17
  • Patched version (pre-set for next release): >= 2026.2.19

Fix

The fix hardens remote attachment SSH/SCP handling by: - requiring StrictHostKeyChecking=yes for SCP and SSH tunnel paths, - adding strict remoteHost normalization/validation, - adding -- argument barrier for SCP remote source parsing, - validating channels.imessage.remoteHost in config schema, - rejecting unsafe auto-detected host tokens at runtime.

Fix Commit(s)

  • Pushed to main: 49d0def6d1e88f002026b1d2a35aa615d48a751a

OpenClaw thanks @allsmog for reporting.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2026.2.17"
      },
      "package": {
        "ecosystem": "npm",
        "name": "openclaw"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2026.2.19"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-295",
      "CWE-78"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-03T21:35:21Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "## Summary\n\nRemote iMessage attachment fetches used SCP with trust-on-first-use host-key behavior and accepted unvalidated remote host tokens.\n\nBefore the fix:\n- SCP used `StrictHostKeyChecking=accept-new` in the remote attachment path.\n- `channels.imessage.remoteHost` was not validated as a strict SSH host token.\n\n## Impact\n\nIn remote iMessage deployments that use SCP attachment fetching, a first-connection MITM/DNS-poisoning scenario could cause the wrong host key to be trusted. Unsafe remote host token values could also alter SCP argument semantics.\n\n## Affected Packages / Versions\n\n- Package: `openclaw` (npm)\n- Latest published npm version currently affected: `2026.2.17`\n- Vulnerable range (structured field): `\u003c= 2026.2.17`\n- Patched version (pre-set for next release): `\u003e= 2026.2.19`\n\n## Fix\n\nThe fix hardens remote attachment SSH/SCP handling by:\n- requiring `StrictHostKeyChecking=yes` for SCP and SSH tunnel paths,\n- adding strict `remoteHost` normalization/validation,\n- adding `--` argument barrier for SCP remote source parsing,\n- validating `channels.imessage.remoteHost` in config schema,\n- rejecting unsafe auto-detected host tokens at runtime.\n\n## Fix Commit(s)\n\n- Pushed to `main`: 49d0def6d1e88f002026b1d2a35aa615d48a751a\n\nOpenClaw thanks @allsmog for reporting.",
  "id": "GHSA-2mc2-g238-722j",
  "modified": "2026-03-03T21:35:21Z",
  "published": "2026-03-03T21:35:21Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-2mc2-g238-722j"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/49d0def6d1e88f002026b1d2a35aa615d48a751a"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openclaw/openclaw"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "OpenClaw affected by iMessage remote attachment SCP hardening (strict host-key checks and remoteHost validation)"
}

GHSA-2MMV-7RRP-G8XH

Vulnerability from github – Published: 2026-01-12 16:13 – Updated: 2026-01-12 20:07
VLAI
Summary
Weblate command-line client susceptible to SSL verification skip
Details

Impact

The SSL verification would be skipped for some crafted URLs.

Patches

  • https://github.com/WeblateOrg/wlc/pull/1097

Workarounds

Avoid using untrusted wlc configurations, as that might cause insecure connections.

References

This issue was reported to us by wh1zee via HackerOne.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "wlc"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.17.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-22250"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-01-12T16:13:33Z",
    "nvd_published_at": "2026-01-12T18:15:49Z",
    "severity": "LOW"
  },
  "details": "### Impact\nThe SSL verification would be skipped for some crafted URLs.\n\n### Patches\n* https://github.com/WeblateOrg/wlc/pull/1097\n\n### Workarounds\nAvoid using untrusted wlc configurations, as that might cause insecure connections.\n\n### References\nThis issue was reported to us by [wh1zee](https://hackerone.com/wh1zee) via HackerOne.",
  "id": "GHSA-2mmv-7rrp-g8xh",
  "modified": "2026-01-12T20:07:14Z",
  "published": "2026-01-12T16:13:33Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/WeblateOrg/wlc/security/advisories/GHSA-2mmv-7rrp-g8xh"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22250"
    },
    {
      "type": "WEB",
      "url": "https://github.com/WeblateOrg/wlc/pull/1097"
    },
    {
      "type": "WEB",
      "url": "https://github.com/WeblateOrg/wlc/commit/a513864ec4daad00146e6d6e039559726e256fa3"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/WeblateOrg/wlc"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Weblate command-line client susceptible to SSL verification skip"
}

GHSA-2P88-V9R5-P4MP

Vulnerability from github – Published: 2022-05-17 04:31 – Updated: 2022-05-17 04:31
VLAI
Details

The Smart Call Home (SCH) implementation in Cisco ASA Software 8.2 before 8.2(5.50), 8.4 before 8.4(7.15), 8.6 before 8.6(1.14), 8.7 before 8.7(1.13), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to bypass certificate validation via an arbitrary VeriSign certificate, aka Bug ID CSCun10916.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2014-3394"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-10-10T10:55:00Z",
    "severity": "MODERATE"
  },
  "details": "The Smart Call Home (SCH) implementation in Cisco ASA Software 8.2 before 8.2(5.50), 8.4 before 8.4(7.15), 8.6 before 8.6(1.14), 8.7 before 8.7(1.13), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to bypass certificate validation via an arbitrary VeriSign certificate, aka Bug ID CSCun10916.",
  "id": "GHSA-2p88-v9r5-p4mp",
  "modified": "2022-05-17T04:31:07Z",
  "published": "2022-05-17T04:31:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3394"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-2PHC-GXQ3-33RM

Vulnerability from github – Published: 2022-05-17 02:39 – Updated: 2025-04-20 03:39
VLAI
Details

The "CFB Mobile Banking" by Citizens First Bank Wisconsin app 3.0.1 -- aka cfb-mobile-banking/id1081102805 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-9596"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-06-16T12:29:00Z",
    "severity": "MODERATE"
  },
  "details": "The \"CFB Mobile Banking\" by Citizens First Bank Wisconsin app 3.0.1 -- aka cfb-mobile-banking/id1081102805 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.",
  "id": "GHSA-2phc-gxq3-33rm",
  "modified": "2025-04-20T03:39:14Z",
  "published": "2022-05-17T02:39:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9596"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/%40chronic_9612/advisory-44-credit-union-apps-for-ios-may-allow-login-credential-exposure-4d2f380b85c5"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/@chronic_9612/advisory-44-credit-union-apps-for-ios-may-allow-login-credential-exposure-4d2f380b85c5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2PQV-GJX5-J94F

Vulnerability from github – Published: 2022-05-13 01:28 – Updated: 2022-05-13 01:28
VLAI
Details

A potential vulnerability has been identified in HP Remote Graphics Software’s certificate authentication process version 7.5.0 and earlier.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-5926"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-03-27T16:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "A potential vulnerability has been identified in HP Remote Graphics Software\u2019s certificate authentication process version 7.5.0 and earlier.",
  "id": "GHSA-2pqv-gjx5-j94f",
  "modified": "2022-05-13T01:28:29Z",
  "published": "2022-05-13T01:28:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5926"
    },
    {
      "type": "WEB",
      "url": "https://support.hp.com/us-en/document/c06201418"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2PW7-G86G-76Q7

Vulnerability from github – Published: 2026-05-27 00:31 – Updated: 2026-07-15 15:32
VLAI
Details

A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to spoofing or man-in-the-middle attacks.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-42013"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1284",
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-26T22:16:42Z",
    "severity": "HIGH"
  },
  "details": "A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to spoofing or man-in-the-middle attacks.",
  "id": "GHSA-2pw7-g86g-76q7",
  "modified": "2026-07-15T15:32:42Z",
  "published": "2026-05-27T00:31:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42013"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:13274"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:20611"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:20612"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:20613"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:26319"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:26409"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:29197"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:30004"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:30849"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:30850"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:32962"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:33125"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-42013"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467448"
    },
    {
      "type": "WEB",
      "url": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2026-04-29-8"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2PWF-98XM-HGM2

Vulnerability from github – Published: 2022-05-14 02:52 – Updated: 2022-05-14 02:52
VLAI
Details

OpenFire XMPP Server before 3.10 accepts self-signed certificates, which allows remote attackers to perform unspecified spoofing attacks.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2014-3451"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-08-18T18:29:00Z",
    "severity": "HIGH"
  },
  "details": "OpenFire XMPP Server before 3.10 accepts self-signed certificates, which allows remote attackers to perform unspecified spoofing attacks.",
  "id": "GHSA-2pwf-98xm-hgm2",
  "modified": "2022-05-14T02:52:42Z",
  "published": "2022-05-14T02:52:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3451"
    },
    {
      "type": "WEB",
      "url": "https://community.igniterealtime.org/blogs/ignite/2015/04/22/openfire-3100-released"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/131614/OpenFire-XMPP-3.9.3-Certificate-Handling.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2015/04/23/16"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/535363/100/1100/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/74305"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2Q9R-QXXC-WGH3

Vulnerability from github – Published: 2022-05-14 02:57 – Updated: 2025-04-20 03:39
VLAI
Details

The "RVCB Mobile" by RVCB Mobile Banking app 3.0.0 -- aka rvcb-mobile/id757928895 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-9578"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-06-16T12:29:00Z",
    "severity": "MODERATE"
  },
  "details": "The \"RVCB Mobile\" by RVCB Mobile Banking app 3.0.0 -- aka rvcb-mobile/id757928895 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.",
  "id": "GHSA-2q9r-qxxc-wgh3",
  "modified": "2025-04-20T03:39:12Z",
  "published": "2022-05-14T02:57:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9578"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/%40chronic_9612/advisory-44-credit-union-apps-for-ios-may-allow-login-credential-exposure-4d2f380b85c5"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/@chronic_9612/advisory-44-credit-union-apps-for-ios-may-allow-login-credential-exposure-4d2f380b85c5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design Implementation

Certificates should be carefully managed and checked to assure that data are encrypted with the intended owner's public key.

Mitigation
Implementation

If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the hostname.

CAPEC-459: Creating a Rogue Certification Authority Certificate

An adversary exploits a weakness resulting from using a hashing algorithm with weak collision resistance to generate certificate signing requests (CSR) that contain collision blocks in their "to be signed" parts. The adversary submits one CSR to be signed by a trusted certificate authority then uses the signed blob to make a second certificate appear signed by said certificate authority. Due to the hash collision, both certificates, though different, hash to the same value and so the signed blob works just as well in the second certificate. The net effect is that the adversary's second X.509 certificate, which the Certification Authority has never seen, is now signed and validated by that Certification Authority.

CAPEC-475: Signature Spoofing by Improper Validation

An adversary exploits a cryptographic weakness in the signature verification algorithm implementation to generate a valid signature without knowing the key.