Vulnerability-Lookup

WID-SEC-W-2026-1719

Vulnerability from csaf_certbund - Published: 2026-05-27 22:00 - Updated: 2026-06-14 22:00

Summary

Erlang/OTP: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Erlang/OTP (Open Telecom Platform) ist eine Sammlung von Bibliotheken und Tools, die auf der Programmiersprache Erlang basieren und für den Aufbau skalierbarer, fehlertoleranter und verteilter Systeme entwickelt wurden.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Erlang/OTP ausnutzen, um Sicherheitsvorkehrungen zu umgehen.

Betroffene Betriebssysteme: - Linux - UNIX

CVE-2026-42789

Affected products

Known affected 10 products

Product	Identifier	Version
Open Source Erlang/OTP <1.20.3.1 Open Source / Erlang/OTP		<1.20.3.1
Open Source Erlang/OTP <1.21.1 Open Source / Erlang/OTP		<1.21.1
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Open Source Erlang/OTP <26.2.5.21 Open Source / Erlang/OTP		<26.2.5.21
Open Source Erlang/OTP <27.3.4.12 Open Source / Erlang/OTP		<27.3.4.12
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Open Source Erlang/OTP <28.5.0.1 Open Source / Erlang/OTP		<28.5.0.1
Open Source Erlang/OTP <1.15.1.7 Open Source / Erlang/OTP		<1.15.1.7
Open Source Erlang/OTP <29.0.1 Open Source / Erlang/OTP		<29.0.1
Open Source Erlang/OTP <1.17.1.3 Open Source / Erlang/OTP		<1.17.1.3

CVE-2026-42790

Affected products

Known affected 10 products

Product	Identifier	Version
Open Source Erlang/OTP <1.20.3.1 Open Source / Erlang/OTP		<1.20.3.1
Open Source Erlang/OTP <1.21.1 Open Source / Erlang/OTP		<1.21.1
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Open Source Erlang/OTP <26.2.5.21 Open Source / Erlang/OTP		<26.2.5.21
Open Source Erlang/OTP <27.3.4.12 Open Source / Erlang/OTP		<27.3.4.12
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Open Source Erlang/OTP <28.5.0.1 Open Source / Erlang/OTP		<28.5.0.1
Open Source Erlang/OTP <1.15.1.7 Open Source / Erlang/OTP		<1.15.1.7
Open Source Erlang/OTP <29.0.1 Open Source / Erlang/OTP		<29.0.1
Open Source Erlang/OTP <1.17.1.3 Open Source / Erlang/OTP		<1.17.1.3

CVE-2026-42791

Affected products

Known affected 10 products

Product	Identifier	Version
Open Source Erlang/OTP <1.20.3.1 Open Source / Erlang/OTP		<1.20.3.1
Open Source Erlang/OTP <1.21.1 Open Source / Erlang/OTP		<1.21.1
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Open Source Erlang/OTP <26.2.5.21 Open Source / Erlang/OTP		<26.2.5.21
Open Source Erlang/OTP <27.3.4.12 Open Source / Erlang/OTP		<27.3.4.12
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Open Source Erlang/OTP <28.5.0.1 Open Source / Erlang/OTP		<28.5.0.1
Open Source Erlang/OTP <1.15.1.7 Open Source / Erlang/OTP		<1.15.1.7
Open Source Erlang/OTP <29.0.1 Open Source / Erlang/OTP		<29.0.1
Open Source Erlang/OTP <1.17.1.3 Open Source / Erlang/OTP		<1.17.1.3

References

7 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://github.com/erlang/otp/security/advisories…	external
https://github.com/erlang/otp/security/advisories…	external
https://github.com/erlang/otp/security/advisories…	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.suse.com/pipermail/sle-security-upd…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Erlang/OTP (Open Telecom Platform) ist eine Sammlung von Bibliotheken und Tools, die auf der Programmiersprache Erlang basieren und f\u00fcr den Aufbau skalierbarer, fehlertoleranter und verteilter Systeme entwickelt wurden.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Erlang/OTP ausnutzen, um Sicherheitsvorkehrungen zu umgehen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-1719 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1719.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-1719 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1719"
      },
      {
        "category": "external",
        "summary": "GitHub Security Advisory GHSA-c99q-jmpx-v8qq vom 2026-05-27",
        "url": "https://github.com/erlang/otp/security/advisories/GHSA-c99q-jmpx-v8qq"
      },
      {
        "category": "external",
        "summary": "GitHub Security Advisory GHSA-22cw-4ph4-6447 vom 2026-05-27",
        "url": "https://github.com/erlang/otp/security/advisories/GHSA-22cw-4ph4-6447"
      },
      {
        "category": "external",
        "summary": "GitHub Security Advisory GHSA-cjxj-wj6x-3fff vom 2026-05-27",
        "url": "https://github.com/erlang/otp/security/advisories/GHSA-cjxj-wj6x-3fff"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2026:10947-1 vom 2026-06-07",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QK6K6BD7IHWDWZZAS5FMBXE23GAEMEA2/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:22082-1 vom 2026-06-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026750.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Erlang/OTP: Mehrere Schwachstellen erm\u00f6glichen Umgehen von Sicherheitsvorkehrungen",
    "tracking": {
      "current_release_date": "2026-06-14T22:00:00.000+00:00",
      "generator": {
        "date": "2026-06-15T09:34:55.432+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.6.0"
        }
      },
      "id": "WID-SEC-W-2026-1719",
      "initial_release_date": "2026-05-27T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-05-27T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-05-28T22:00:00.000+00:00",
          "number": "2",
          "summary": "Korrektur"
        },
        {
          "date": "2026-06-07T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von openSUSE aufgenommen"
        },
        {
          "date": "2026-06-14T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "4"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c29.0.1",
                "product": {
                  "name": "Open Source Erlang/OTP \u003c29.0.1",
                  "product_id": "T054800"
                }
              },
              {
                "category": "product_version",
                "name": "29.0.1",
                "product": {
                  "name": "Open Source Erlang/OTP 29.0.1",
                  "product_id": "T054800-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:erlang:erlang%2fotp:29.0.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c28.5.0.1",
                "product": {
                  "name": "Open Source Erlang/OTP \u003c28.5.0.1",
                  "product_id": "T054802"
                }
              },
              {
                "category": "product_version",
                "name": "28.5.0.1",
                "product": {
                  "name": "Open Source Erlang/OTP 28.5.0.1",
                  "product_id": "T054802-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:erlang:erlang%2fotp:28.5.0.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c27.3.4.12",
                "product": {
                  "name": "Open Source Erlang/OTP \u003c27.3.4.12",
                  "product_id": "T054803"
                }
              },
              {
                "category": "product_version",
                "name": "27.3.4.12",
                "product": {
                  "name": "Open Source Erlang/OTP 27.3.4.12",
                  "product_id": "T054803-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:erlang:erlang%2fotp:27.3.4.12"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c26.2.5.21",
                "product": {
                  "name": "Open Source Erlang/OTP \u003c26.2.5.21",
                  "product_id": "T054805"
                }
              },
              {
                "category": "product_version",
                "name": "26.2.5.21",
                "product": {
                  "name": "Open Source Erlang/OTP 26.2.5.21",
                  "product_id": "T054805-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:erlang:erlang%2fotp:26.2.5.21"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c1.21.1",
                "product": {
                  "name": "Open Source Erlang/OTP \u003c1.21.1",
                  "product_id": "T054808"
                }
              },
              {
                "category": "product_version",
                "name": "1.21.1",
                "product": {
                  "name": "Open Source Erlang/OTP 1.21.1",
                  "product_id": "T054808-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:erlang:erlang%2fotp:1.21.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c1.20.3.1",
                "product": {
                  "name": "Open Source Erlang/OTP \u003c1.20.3.1",
                  "product_id": "T054809"
                }
              },
              {
                "category": "product_version",
                "name": "1.20.3.1",
                "product": {
                  "name": "Open Source Erlang/OTP 1.20.3.1",
                  "product_id": "T054809-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:erlang:erlang%2fotp:1.20.3.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c1.17.1.3",
                "product": {
                  "name": "Open Source Erlang/OTP \u003c1.17.1.3",
                  "product_id": "T054810"
                }
              },
              {
                "category": "product_version",
                "name": "1.17.1.3",
                "product": {
                  "name": "Open Source Erlang/OTP 1.17.1.3",
                  "product_id": "T054810-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:erlang:erlang%2fotp:1.17.1.3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c1.15.1.7",
                "product": {
                  "name": "Open Source Erlang/OTP \u003c1.15.1.7",
                  "product_id": "T054812"
                }
              },
              {
                "category": "product_version",
                "name": "1.15.1.7",
                "product": {
                  "name": "Open Source Erlang/OTP 1.15.1.7",
                  "product_id": "T054812-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:erlang:erlang%2fotp:1.15.1.7"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Erlang/OTP"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-42789",
      "product_status": {
        "known_affected": [
          "T054809",
          "T054808",
          "T002207",
          "T054805",
          "T054803",
          "T027843",
          "T054802",
          "T054812",
          "T054800",
          "T054810"
        ]
      },
      "release_date": "2026-05-27T22:00:00.000+00:00",
      "title": "CVE-2026-42789"
    },
    {
      "cve": "CVE-2026-42790",
      "product_status": {
        "known_affected": [
          "T054809",
          "T054808",
          "T002207",
          "T054805",
          "T054803",
          "T027843",
          "T054802",
          "T054812",
          "T054800",
          "T054810"
        ]
      },
      "release_date": "2026-05-27T22:00:00.000+00:00",
      "title": "CVE-2026-42790"
    },
    {
      "cve": "CVE-2026-42791",
      "product_status": {
        "known_affected": [
          "T054809",
          "T054808",
          "T002207",
          "T054805",
          "T054803",
          "T027843",
          "T054802",
          "T054812",
          "T054800",
          "T054810"
        ]
      },
      "release_date": "2026-05-27T22:00:00.000+00:00",
      "title": "CVE-2026-42791"
    }
  ]
}

CVE-2026-42789 (GCVE-0-2026-42789)

Vulnerability from cvelistv5 – Published: 2026-05-27 12:23 – Updated: 2026-05-27 15:46

Title

Non-CA certificate accepted as intermediate issuer in public_key path validation

Summary

Improper Following of a Certificate's Chain of Trust vulnerability in Erlang OTP public_key (pubkey_cert module) allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery. In lib/public_key/src/pubkey_cert.erl, pubkey_cert:validate_extensions/7 contains two flaws that together allow a certificate with basicConstraints cA:false and no keyUsage extension to be used as an intermediate issuer in a chain passed to public_key:pkix_path_validation/3: the cA:false clause recurses into the remaining extensions without rejecting the certificate when it is in issuer position, and the keyUsage check only fires when the extension is present, so a certificate lacking keyUsage entirely bypasses the keyCertSign enforcement. Any party holding an end-entity certificate with basicConstraints cA:false and no keyUsage extension, issued by any CA in the victim's trust store, can use that certificate's private key to sign forged leaf certificates for arbitrary identities. public_key:pkix_path_validation/3 accepts the resulting chain, and by extension every TLS or mTLS endpoint built on the OTP ssl application that relies on the default verifier is affected, including server identity verification on the client side and client certificate verification on mTLS servers. This issue affects OTP from OTP 17.0 before OTP 26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 0.22 before 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1.

Severity

7 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-295 - Improper Certificate Validation
CWE-296 - Improper Following of a Certificate's Chain of Trust

Assigner

EEF

References

6 references

URL	Tags
https://github.com/erlang/otp/security/advisories…	vendor-advisoryrelated
https://cna.erlef.org/cves/CVE-2026-42789.html	related
https://osv.dev/vulnerability/EEF-CVE-2026-42789	related
https://www.erlang.org/doc/system/versions.html#o…	x_version-scheme
https://github.com/erlang/otp/commit/471cd2f66430…	patch
https://github.com/erlang/otp/commit/59c8d824386b…	patch

Impacted products

2 products

Vendor	Product	Version
Erlang	OTP	Affected: 0.22 , < * (otp) cpe:2.3:a:erlang:erlang\/otp::::::::
Erlang	OTP	Affected: 17.0 , < * (otp) Affected: 84adefa331c4159d432d22840663c38f155cd4c1 , < * (git) cpe:2.3:a:erlang:erlang\/otp::::::::

Credits

John Downey Ingela Anderton Andin Jakub Witczak

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42789",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-27T15:41:47.903975Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-27T15:43:46.333Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unknown",
          "modules": [
            "pubkey_cert"
          ],
          "packageName": "public_key",
          "packageURL": "pkg:otp/public_key?repository_url=https:%2F%2Fgithub.com%2Ferlang%2Fotp\u0026vcs_url=git%20https:%2F%2Fgithub.com%2Ferlang%2Fotp.git",
          "product": "OTP",
          "programFiles": [
            "src/pubkey_cert.erl"
          ],
          "programRoutines": [
            {
              "name": "pubkey_cert:validate_extensions/7"
            }
          ],
          "repo": "https://github.com/erlang/otp",
          "vendor": "Erlang",
          "versions": [
            {
              "changes": [
                {
                  "at": "1.15.1.7",
                  "status": "unaffected"
                },
                {
                  "at": "1.17.1.3",
                  "status": "unaffected"
                },
                {
                  "at": "1.20.3.1",
                  "status": "unaffected"
                },
                {
                  "at": "1.21.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "*",
              "status": "affected",
              "version": "0.22",
              "versionType": "otp"
            }
          ]
        },
        {
          "collectionURL": "https://github.com",
          "cpes": [
            "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unknown",
          "modules": [
            "pubkey_cert"
          ],
          "packageName": "erlang/otp",
          "packageURL": "pkg:github/erlang/otp",
          "product": "OTP",
          "programFiles": [
            "lib/public_key/src/pubkey_cert.erl"
          ],
          "programRoutines": [
            {
              "name": "pubkey_cert:validate_extensions/7"
            }
          ],
          "repo": "https://github.com/erlang/otp",
          "vendor": "Erlang",
          "versions": [
            {
              "changes": [
                {
                  "at": "26.2.5.21",
                  "status": "unaffected"
                },
                {
                  "at": "27.3.4.12",
                  "status": "unaffected"
                },
                {
                  "at": "28.5.0.1",
                  "status": "unaffected"
                },
                {
                  "at": "29.0.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "*",
              "status": "affected",
              "version": "17.0",
              "versionType": "otp"
            },
            {
              "changes": [
                {
                  "at": "471cd2f664300a95353c467873800bbe706005db",
                  "status": "unaffected"
                },
                {
                  "at": "59c8d824386b2eb1614ff9340624843ef6aca0fd",
                  "status": "unaffected"
                }
              ],
              "lessThan": "*",
              "status": "affected",
              "version": "84adefa331c4159d432d22840663c38f155cd4c1",
              "versionType": "git"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "26.2.5.21",
                  "versionStartIncluding": "17.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "27.3.4.12",
                  "versionStartIncluding": "27.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "28.5.0.1",
                  "versionStartIncluding": "28.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "29.0.1",
                  "versionStartIncluding": "29.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "AND"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "John Downey"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Ingela Anderton Andin"
        },
        {
          "lang": "en",
          "type": "analyst",
          "value": "Jakub Witczak"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper Following of a Certificate\u0027s Chain of Trust vulnerability in Erlang OTP \u003ctt\u003epublic_key\u003c/tt\u003e (\u003ctt\u003epubkey_cert\u003c/tt\u003e module) allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery.\u003cp\u003eIn \u003ctt\u003elib/public_key/src/pubkey_cert.erl\u003c/tt\u003e, \u003ctt\u003epubkey_cert:validate_extensions/7\u003c/tt\u003e contains two flaws that together allow a certificate with \u003ctt\u003ebasicConstraints cA:false\u003c/tt\u003e and no \u003ctt\u003ekeyUsage\u003c/tt\u003e extension to be used as an intermediate issuer in a chain passed to \u003ctt\u003epublic_key:pkix_path_validation/3\u003c/tt\u003e: the \u003ctt\u003ecA:false\u003c/tt\u003e clause recurses into the remaining extensions without rejecting the certificate when it is in issuer position, and the \u003ctt\u003ekeyUsage\u003c/tt\u003e check only fires when the extension is present, so a certificate lacking \u003ctt\u003ekeyUsage\u003c/tt\u003e entirely bypasses the \u003ctt\u003ekeyCertSign\u003c/tt\u003e enforcement.\u003c/p\u003e\u003cp\u003eAny party holding an end-entity certificate with \u003ctt\u003ebasicConstraints cA:false\u003c/tt\u003e and no \u003ctt\u003ekeyUsage\u003c/tt\u003e extension, issued by any CA in the victim\u0027s trust store, can use that certificate\u0027s private key to sign forged leaf certificates for arbitrary identities. \u003ctt\u003epublic_key:pkix_path_validation/3\u003c/tt\u003e accepts the resulting chain, and by extension every TLS or mTLS endpoint built on the OTP \u003ctt\u003essl\u003c/tt\u003e application that relies on the default verifier is affected, including server identity verification on the client side and client certificate verification on mTLS servers.\u003c/p\u003e\u003cp\u003eThis issue affects OTP from OTP 17.0 before OTP 26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to \u003ctt\u003epublic_key\u003c/tt\u003e from 0.22 before 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1.\u003c/p\u003e"
            }
          ],
          "value": "Improper Following of a Certificate\u0027s Chain of Trust vulnerability in Erlang OTP public_key (pubkey_cert module) allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery.\n\nIn lib/public_key/src/pubkey_cert.erl, pubkey_cert:validate_extensions/7 contains two flaws that together allow a certificate with basicConstraints cA:false and no keyUsage extension to be used as an intermediate issuer in a chain passed to public_key:pkix_path_validation/3: the cA:false clause recurses into the remaining extensions without rejecting the certificate when it is in issuer position, and the keyUsage check only fires when the extension is present, so a certificate lacking keyUsage entirely bypasses the keyCertSign enforcement.\n\nAny party holding an end-entity certificate with basicConstraints cA:false and no keyUsage extension, issued by any CA in the victim\u0027s trust store, can use that certificate\u0027s private key to sign forged leaf certificates for arbitrary identities. public_key:pkix_path_validation/3 accepts the resulting chain, and by extension every TLS or mTLS endpoint built on the OTP ssl application that relies on the default verifier is affected, including server identity verification on the client side and client certificate verification on mTLS servers.\n\nThis issue affects OTP from OTP 17.0 before OTP 26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 0.22 before 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-475",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-475 Signature Spoofing by Improper Validation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "CWE-295 Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            },
            {
              "cweId": "CWE-296",
              "description": "CWE-296 Improper Following of a Certificate\u0027s Chain of Trust",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-27T15:46:57.832Z",
        "orgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
        "shortName": "EEF"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "related"
          ],
          "url": "https://github.com/erlang/otp/security/advisories/GHSA-c99q-jmpx-v8qq"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://cna.erlef.org/cves/CVE-2026-42789.html"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://osv.dev/vulnerability/EEF-CVE-2026-42789"
        },
        {
          "tags": [
            "x_version-scheme"
          ],
          "url": "https://www.erlang.org/doc/system/versions.html#order-of-versions"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/erlang/otp/commit/471cd2f664300a95353c467873800bbe706005db"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/erlang/otp/commit/59c8d824386b2eb1614ff9340624843ef6aca0fd"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Non-CA certificate accepted as intermediate issuer in public_key path validation",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The \u003ctt\u003everify_fun\u003c/tt\u003e option in the \u003ctt\u003essl\u003c/tt\u003e or \u003ctt\u003epublic_key\u003c/tt\u003e application can be used to ensure that path validation rejects chains where an intermediate certificate does not have \u003ctt\u003ebasicConstraints cA:true\u003c/tt\u003e."
            }
          ],
          "value": "The verify_fun option in the ssl or public_key application can be used to ensure that path validation rejects chains where an intermediate certificate does not have basicConstraints cA:true."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
    "assignerShortName": "EEF",
    "cveId": "CVE-2026-42789",
    "datePublished": "2026-05-27T12:23:06.355Z",
    "dateReserved": "2026-04-29T18:06:33.251Z",
    "dateUpdated": "2026-05-27T15:46:57.832Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42790 (GCVE-0-2026-42790)

Vulnerability from cvelistv5 – Published: 2026-05-27 15:09 – Updated: 2026-05-28 04:39

Title

nameConstraints DNS bypass via subject CommonName fallback in public_key hostname verification

Summary

Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_cert and public_key modules) allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verification. Two flaws combine to allow a subordinate CA whose DNS nameConstraints are restricted (e.g. permitted;DNS:allowed.example.com) to issue a leaf certificate that an OTP TLS client accepts as a valid identity for an out-of-scope hostname (e.g. victim.example.com): First, pubkey_cert:validate_names/6 in lib/public_key/src/pubkey_cert.erl only checks SAN DNS entries against nameConstraints. Per RFC 5280, a permitted DNS subtree only restricts certificates that contain a DNS-typed name. A leaf with no subjectAltName therefore trivially satisfies any permitted;DNS:... constraint regardless of its subject commonName. Second, public_key:pkix_verify_hostname/3 in lib/public_key/src/public_key.erl falls back to the subject commonName when no subjectAltName is present, extracting id-at-commonName attributes as presented IDs and matching them against the reference hostname. The strict pkix_verify_hostname_match_fun(https) matcher does not suppress this fallback. The result is that path validation accepts a CN-only leaf under a DNS-constrained intermediate (no SAN means the nameConstraints are not triggered), and hostname verification then accepts it via the CN fallback. The bypass is reachable from stock ssl:connect with verify_peer, a trusted CA, SNI, and the canonical strict https hostname matcher. This issue affects OTP from OTP 19.3 before OTP 26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 1.4 before 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1.

Severity

7.6 (High)


                        
                          CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-295 - Improper Certificate Validation
CWE-297 - Improper Validation of Certificate with Host Mismatch

Assigner

EEF

References

7 references

URL	Tags
https://github.com/erlang/otp/security/advisories…	vendor-advisoryrelated
https://cna.erlef.org/cves/CVE-2026-42790.html	related
https://osv.dev/vulnerability/EEF-CVE-2026-42790	related
https://www.erlang.org/doc/system/versions.html#o…	x_version-scheme
https://github.com/erlang/otp/commit/0769050c69d7…	patch
https://github.com/erlang/otp/commit/fb67c6d1836f…	patch
https://github.com/erlang/otp/commit/21abed64eb20…	patch

Impacted products

2 products

Vendor	Product	Version
Erlang	OTP	Affected: 1.4 , < * (otp) cpe:2.3:a:erlang:erlang\/otp::::::::
Erlang	OTP	Affected: 19.3 , < * (otp) Affected: b0c245e8132bb13171e277b1af59c0cec00c9459 , < * (git) cpe:2.3:a:erlang:erlang\/otp::::::::

Credits

John Downey Ingela Anderton Andin Dan Gudmundsson Jakub Witczak

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42790",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-27T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-28T03:55:49.233Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unknown",
          "modules": [
            "pubkey_cert",
            "public_key"
          ],
          "packageName": "public_key",
          "packageURL": "pkg:otp/public_key?repository_url=https:%2F%2Fgithub.com%2Ferlang%2Fotp\u0026vcs_url=git%20https:%2F%2Fgithub.com%2Ferlang%2Fotp.git",
          "product": "OTP",
          "programFiles": [
            "src/pubkey_cert.erl",
            "src/public_key.erl"
          ],
          "programRoutines": [
            {
              "name": "pubkey_cert:validate_names/6"
            },
            {
              "name": "public_key:pkix_verify_hostname/3"
            }
          ],
          "repo": "https://github.com/erlang/otp",
          "vendor": "Erlang",
          "versions": [
            {
              "changes": [
                {
                  "at": "1.15.1.7",
                  "status": "unaffected"
                },
                {
                  "at": "1.17.1.3",
                  "status": "unaffected"
                },
                {
                  "at": "1.20.3.1",
                  "status": "unaffected"
                },
                {
                  "at": "1.21.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "*",
              "status": "affected",
              "version": "1.4",
              "versionType": "otp"
            }
          ]
        },
        {
          "collectionURL": "https://github.com",
          "cpes": [
            "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unknown",
          "modules": [
            "pubkey_cert",
            "public_key"
          ],
          "packageName": "erlang/otp",
          "packageURL": "pkg:github/erlang/otp",
          "product": "OTP",
          "programFiles": [
            "lib/public_key/src/pubkey_cert.erl",
            "lib/public_key/src/public_key.erl"
          ],
          "programRoutines": [
            {
              "name": "pubkey_cert:validate_names/6"
            },
            {
              "name": "public_key:pkix_verify_hostname/3"
            }
          ],
          "repo": "https://github.com/erlang/otp",
          "vendor": "Erlang",
          "versions": [
            {
              "changes": [
                {
                  "at": "26.2.5.21",
                  "status": "unaffected"
                },
                {
                  "at": "27.3.4.12",
                  "status": "unaffected"
                },
                {
                  "at": "28.5.0.1",
                  "status": "unaffected"
                },
                {
                  "at": "29.0.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "*",
              "status": "affected",
              "version": "19.3",
              "versionType": "otp"
            },
            {
              "changes": [
                {
                  "at": "0769050c69d73762672b0db1347b6993a5b31759",
                  "status": "unaffected"
                },
                {
                  "at": "fb67c6d1836f51105a96d8b769e71e4215a79457",
                  "status": "unaffected"
                },
                {
                  "at": "21abed64eb2026b5f82f432709e4e932f9be389a",
                  "status": "unaffected"
                }
              ],
              "lessThan": "*",
              "status": "affected",
              "version": "b0c245e8132bb13171e277b1af59c0cec00c9459",
              "versionType": "git"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "26.2.5.21",
                  "versionStartIncluding": "19.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "27.3.4.12",
                  "versionStartIncluding": "27.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "28.5.0.1",
                  "versionStartIncluding": "28.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "29.0.1",
                  "versionStartIncluding": "29.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "AND"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "John Downey"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Ingela Anderton Andin"
        },
        {
          "lang": "en",
          "type": "remediation reviewer",
          "value": "Dan Gudmundsson"
        },
        {
          "lang": "en",
          "type": "remediation reviewer",
          "value": "Jakub Witczak"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper Certificate Validation vulnerability in Erlang OTP \u003ctt\u003epublic_key\u003c/tt\u003e (\u003ctt\u003epubkey_cert\u003c/tt\u003e and \u003ctt\u003epublic_key\u003c/tt\u003e modules) allows a DNS \u003ctt\u003enameConstraints\u003c/tt\u003e bypass via subject CommonName fallback in TLS hostname verification.\u003cp\u003eTwo flaws combine to allow a subordinate CA whose DNS \u003ctt\u003enameConstraints\u003c/tt\u003e are restricted (e.g. \u003ctt\u003epermitted;DNS:allowed.example.com\u003c/tt\u003e) to issue a leaf certificate that an OTP TLS client accepts as a valid identity for an out-of-scope hostname (e.g. \u003ctt\u003evictim.example.com\u003c/tt\u003e):\u003c/p\u003e\u003cp\u003eFirst, \u003ctt\u003epubkey_cert:validate_names/6\u003c/tt\u003e in \u003ctt\u003elib/public_key/src/pubkey_cert.erl\u003c/tt\u003e only checks SAN DNS entries against \u003ctt\u003enameConstraints\u003c/tt\u003e. Per RFC 5280, a permitted DNS subtree only restricts certificates that contain a DNS-typed name. A leaf with no \u003ctt\u003esubjectAltName\u003c/tt\u003e therefore trivially satisfies any \u003ctt\u003epermitted;DNS:...\u003c/tt\u003e constraint regardless of its subject \u003ctt\u003ecommonName\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eSecond, \u003ctt\u003epublic_key:pkix_verify_hostname/3\u003c/tt\u003e in \u003ctt\u003elib/public_key/src/public_key.erl\u003c/tt\u003e falls back to the subject \u003ctt\u003ecommonName\u003c/tt\u003e when no \u003ctt\u003esubjectAltName\u003c/tt\u003e is present, extracting \u003ctt\u003eid-at-commonName\u003c/tt\u003e attributes as presented IDs and matching them against the reference hostname. The strict \u003ctt\u003epkix_verify_hostname_match_fun(https)\u003c/tt\u003e matcher does not suppress this fallback.\u003c/p\u003e\u003cp\u003eThe result is that path validation accepts a CN-only leaf under a DNS-constrained intermediate (no SAN means the \u003ctt\u003enameConstraints\u003c/tt\u003e are not triggered), and hostname verification then accepts it via the CN fallback. The bypass is reachable from stock \u003ctt\u003essl:connect\u003c/tt\u003e with \u003ctt\u003everify_peer\u003c/tt\u003e, a trusted CA, SNI, and the canonical strict \u003ctt\u003ehttps\u003c/tt\u003e hostname matcher.\u003c/p\u003e\u003cp\u003eThis issue affects OTP from OTP 19.3 before OTP 26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to \u003ctt\u003epublic_key\u003c/tt\u003e from 1.4 before 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1.\u003c/p\u003e"
            }
          ],
          "value": "Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_cert and public_key modules) allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verification.\n\nTwo flaws combine to allow a subordinate CA whose DNS nameConstraints are restricted (e.g. permitted;DNS:allowed.example.com) to issue a leaf certificate that an OTP TLS client accepts as a valid identity for an out-of-scope hostname (e.g. victim.example.com):\n\nFirst, pubkey_cert:validate_names/6 in lib/public_key/src/pubkey_cert.erl only checks SAN DNS entries against nameConstraints. Per RFC 5280, a permitted DNS subtree only restricts certificates that contain a DNS-typed name. A leaf with no subjectAltName therefore trivially satisfies any permitted;DNS:... constraint regardless of its subject commonName.\n\nSecond, public_key:pkix_verify_hostname/3 in lib/public_key/src/public_key.erl falls back to the subject commonName when no subjectAltName is present, extracting id-at-commonName attributes as presented IDs and matching them against the reference hostname. The strict pkix_verify_hostname_match_fun(https) matcher does not suppress this fallback.\n\nThe result is that path validation accepts a CN-only leaf under a DNS-constrained intermediate (no SAN means the nameConstraints are not triggered), and hostname verification then accepts it via the CN fallback. The bypass is reachable from stock ssl:connect with verify_peer, a trusted CA, SNI, and the canonical strict https hostname matcher.\n\nThis issue affects OTP from OTP 19.3 before OTP 26.2.5.21, 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 1.4 before 1.15.1.7, 1.17.1.3, 1.20.3.1, and 1.21.1."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-475",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-475 Signature Spoofing by Improper Validation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "PASSIVE",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "CWE-295 Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            },
            {
              "cweId": "CWE-297",
              "description": "CWE-297 Improper Validation of Certificate with Host Mismatch",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-28T04:39:17.033Z",
        "orgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
        "shortName": "EEF"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "related"
          ],
          "url": "https://github.com/erlang/otp/security/advisories/GHSA-22cw-4ph4-6447"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://cna.erlef.org/cves/CVE-2026-42790.html"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://osv.dev/vulnerability/EEF-CVE-2026-42790"
        },
        {
          "tags": [
            "x_version-scheme"
          ],
          "url": "https://www.erlang.org/doc/system/versions.html#order-of-versions"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/erlang/otp/commit/0769050c69d73762672b0db1347b6993a5b31759"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/erlang/otp/commit/fb67c6d1836f51105a96d8b769e71e4215a79457"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/erlang/otp/commit/21abed64eb2026b5f82f432709e4e932f9be389a"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "nameConstraints DNS bypass via subject CommonName fallback in public_key hostname verification",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The \u003ctt\u003everify_fun\u003c/tt\u003e option in the \u003ctt\u003essl\u003c/tt\u003e application can be used to ensure that TLS connections fail if the end-entity certificate is missing the \u003ctt\u003esubjectAltName\u003c/tt\u003e extension or has no domain name. Do not use a \u003ctt\u003everify_fun\u003c/tt\u003e that accepts the \u003ctt\u003ename_not_permitted\u003c/tt\u003e error."
            }
          ],
          "value": "The verify_fun option in the ssl application can be used to ensure that TLS connections fail if the end-entity certificate is missing the subjectAltName extension or has no domain name. Do not use a verify_fun that accepts the name_not_permitted error."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
    "assignerShortName": "EEF",
    "cveId": "CVE-2026-42790",
    "datePublished": "2026-05-27T15:09:01.860Z",
    "dateReserved": "2026-04-29T18:06:33.251Z",
    "dateUpdated": "2026-05-28T04:39:17.033Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42791 (GCVE-0-2026-42791)

Vulnerability from cvelistv5 – Published: 2026-05-27 12:23 – Updated: 2026-05-27 15:41

Title

OCSP responder certificate validity period not checked in public_key

Summary

Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkey_ocsp:verify_response/5 and pubkey_ocsp:is_authorized_responder/3 in lib/public_key/src/pubkey_ocsp.erl does not check the validity period (notBefore/notAfter) of the OCSP responder certificate. An attacker who has obtained the private key of an expired CA-designated OCSP responder certificate can forge OCSP responses that Erlang/OTP accepts as valid. This affects TLS clients using OCSP stapling via the ssl application: a malicious or compromised server can present a revoked TLS certificate together with a forged OCSP response signed by an expired responder key, and the client will accept the revoked certificate as valid. It also affects applications calling public_key:pkix_ocsp_validate/5 directly, where the impact depends on the use case — server-side client certificate validation using this API may allow authentication bypass with a revoked client certificate. This issue affects OTP from OTP 27.0 before OTP 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 1.16 before 1.17.1.3, 1.20.3.1, and 1.21.1.

Severity

6.3 (Medium)


                        
                          CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-295 - Improper Certificate Validation
CWE-672 - Operation on a Resource after Expiration or Release

Assigner

EEF

References

6 references

URL	Tags
https://github.com/erlang/otp/security/advisories…	vendor-advisoryrelated
https://cna.erlef.org/cves/CVE-2026-42791.html	related
https://osv.dev/vulnerability/EEF-CVE-2026-42791	related
https://www.erlang.org/doc/system/versions.html#o…	x_version-scheme
https://github.com/erlang/otp/commit/7995f1fdaee3…	patch
https://github.com/erlang/otp/commit/b3870e02405c…	patch

Impacted products

2 products

Vendor	Product	Version
Erlang	OTP	Affected: 1.16 , < * (otp) cpe:2.3:a:erlang:erlang\/otp::::::::
Erlang	OTP	Affected: 27.0 , < * (otp) Affected: 2b1a742c651b90f8a7a1fb2ddde73f29915ea376 , < * (git) cpe:2.3:a:erlang:erlang\/otp::::::::

Credits

Jakub Witczak Ingela Anderton Andin

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42791",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-27T15:40:27.647844Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-27T15:40:49.123Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unknown",
          "modules": [
            "pubkey_ocsp"
          ],
          "packageName": "public_key",
          "packageURL": "pkg:otp/public_key?repository_url=https:%2F%2Fgithub.com%2Ferlang%2Fotp\u0026vcs_url=git%20https:%2F%2Fgithub.com%2Ferlang%2Fotp.git",
          "product": "OTP",
          "programFiles": [
            "src/pubkey_ocsp.erl"
          ],
          "programRoutines": [
            {
              "name": "pubkey_ocsp:verify_response/5"
            },
            {
              "name": "pubkey_ocsp:is_authorized_responder/3"
            }
          ],
          "repo": "https://github.com/erlang/otp",
          "vendor": "Erlang",
          "versions": [
            {
              "changes": [
                {
                  "at": "1.17.1.3",
                  "status": "unaffected"
                },
                {
                  "at": "1.20.3.1",
                  "status": "unaffected"
                },
                {
                  "at": "1.21.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "*",
              "status": "affected",
              "version": "1.16",
              "versionType": "otp"
            }
          ]
        },
        {
          "collectionURL": "https://github.com",
          "cpes": [
            "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unknown",
          "modules": [
            "pubkey_ocsp"
          ],
          "packageName": "erlang/otp",
          "packageURL": "pkg:github/erlang/otp",
          "product": "OTP",
          "programFiles": [
            "lib/public_key/src/pubkey_ocsp.erl"
          ],
          "programRoutines": [
            {
              "name": "pubkey_ocsp:verify_response/5"
            },
            {
              "name": "pubkey_ocsp:is_authorized_responder/3"
            }
          ],
          "repo": "https://github.com/erlang/otp",
          "vendor": "Erlang",
          "versions": [
            {
              "changes": [
                {
                  "at": "27.3.4.12",
                  "status": "unaffected"
                },
                {
                  "at": "28.5.0.1",
                  "status": "unaffected"
                },
                {
                  "at": "29.0.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "*",
              "status": "affected",
              "version": "27.0",
              "versionType": "otp"
            },
            {
              "changes": [
                {
                  "at": "7995f1fdaee3da569bb810358ce0f546471d169b",
                  "status": "unaffected"
                },
                {
                  "at": "b3870e02405c709a872b01ba6086065620cdfe76",
                  "status": "unaffected"
                }
              ],
              "lessThan": "*",
              "status": "affected",
              "version": "2b1a742c651b90f8a7a1fb2ddde73f29915ea376",
              "versionType": "git"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "For the \u003ctt\u003essl\u003c/tt\u003e application, OCSP stapling must be enabled by setting the \u003ctt\u003estapling\u003c/tt\u003e option to \u003ctt\u003estaple\u003c/tt\u003e in the TLS client options. OCSP stapling is not enabled by default.\u003cp\u003eApplications calling \u003ctt\u003epublic_key:pkix_ocsp_validate/5\u003c/tt\u003e directly are unconditionally affected when that function is used.\u003c/p\u003e"
            }
          ],
          "value": "For the ssl application, OCSP stapling must be enabled by setting the stapling option to staple in the TLS client options. OCSP stapling is not enabled by default.\n\nApplications calling public_key:pkix_ocsp_validate/5 directly are unconditionally affected when that function is used."
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "27.3.4.12",
                  "versionStartIncluding": "27.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "28.5.0.1",
                  "versionStartIncluding": "28.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "29.0.1",
                  "versionStartIncluding": "29.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "AND"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Jakub Witczak"
        },
        {
          "lang": "en",
          "type": "remediation reviewer",
          "value": "Ingela Anderton Andin"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper Certificate Validation vulnerability in Erlang OTP \u003ctt\u003epublic_key\u003c/tt\u003e (\u003ctt\u003epubkey_ocsp\u003c/tt\u003e module) allows forged OCSP responses signed with an expired responder certificate to be accepted as valid.\u003cp\u003eOCSP response verification in \u003ctt\u003epubkey_ocsp:verify_response/5\u003c/tt\u003e and \u003ctt\u003epubkey_ocsp:is_authorized_responder/3\u003c/tt\u003e in \u003ctt\u003elib/public_key/src/pubkey_ocsp.erl\u003c/tt\u003e does not check the validity period (\u003ctt\u003enotBefore\u003c/tt\u003e/\u003ctt\u003enotAfter\u003c/tt\u003e) of the OCSP responder certificate. An attacker who has obtained the private key of an expired CA-designated OCSP responder certificate can forge OCSP responses that Erlang/OTP accepts as valid.\u003c/p\u003e\u003cp\u003eThis affects TLS clients using OCSP stapling via the \u003ctt\u003essl\u003c/tt\u003e application: a malicious or compromised server can present a revoked TLS certificate together with a forged OCSP response signed by an expired responder key, and the client will accept the revoked certificate as valid. It also affects applications calling \u003ctt\u003epublic_key:pkix_ocsp_validate/5\u003c/tt\u003e directly, where the impact depends on the use case \u2014 server-side client certificate validation using this API may allow authentication bypass with a revoked client certificate.\u003c/p\u003e\u003cp\u003eThis issue affects OTP from OTP 27.0 before OTP 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to \u003ctt\u003epublic_key\u003c/tt\u003e from 1.16 before 1.17.1.3, 1.20.3.1, and 1.21.1.\u003c/p\u003e"
            }
          ],
          "value": "Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows forged OCSP responses signed with an expired responder certificate to be accepted as valid.\n\nOCSP response verification in pubkey_ocsp:verify_response/5 and pubkey_ocsp:is_authorized_responder/3 in lib/public_key/src/pubkey_ocsp.erl does not check the validity period (notBefore/notAfter) of the OCSP responder certificate. An attacker who has obtained the private key of an expired CA-designated OCSP responder certificate can forge OCSP responses that Erlang/OTP accepts as valid.\n\nThis affects TLS clients using OCSP stapling via the ssl application: a malicious or compromised server can present a revoked TLS certificate together with a forged OCSP response signed by an expired responder key, and the client will accept the revoked certificate as valid. It also affects applications calling public_key:pkix_ocsp_validate/5 directly, where the impact depends on the use case \u2014 server-side client certificate validation using this API may allow authentication bypass with a revoked client certificate.\n\nThis issue affects OTP from OTP 27.0 before OTP 27.3.4.12, 28.5.0.1, and 29.0.1 corresponding to public_key from 1.16 before 1.17.1.3, 1.20.3.1, and 1.21.1."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-475",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-475 Signature Spoofing by Improper Validation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "LOW"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "CWE-295 Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            },
            {
              "cweId": "CWE-672",
              "description": "CWE-672 Operation on a Resource after Expiration or Release",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-27T15:41:07.758Z",
        "orgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
        "shortName": "EEF"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "related"
          ],
          "url": "https://github.com/erlang/otp/security/advisories/GHSA-cjxj-wj6x-3fff"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://cna.erlef.org/cves/CVE-2026-42791.html"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://osv.dev/vulnerability/EEF-CVE-2026-42791"
        },
        {
          "tags": [
            "x_version-scheme"
          ],
          "url": "https://www.erlang.org/doc/system/versions.html#order-of-versions"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/erlang/otp/commit/7995f1fdaee3da569bb810358ce0f546471d169b"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/erlang/otp/commit/b3870e02405c709a872b01ba6086065620cdfe76"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "OCSP responder certificate validity period not checked in public_key",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cul\u003e\u003cli\u003eFor TLS clients using the \u003ctt\u003essl\u003c/tt\u003e application, disable OCSP stapling by setting \u003ctt\u003e{stapling, no_staple}\u003c/tt\u003e in the client options, or switch to CRL-based revocation checking with \u003ctt\u003e{crl_check, true}\u003c/tt\u003e.\u003c/li\u003e\u003cli\u003eFor applications calling \u003ctt\u003epublic_key:pkix_ocsp_validate/5\u003c/tt\u003e directly, validate the responder certificate\u0027s validity period in application code before calling the function.\u003c/li\u003e\u003c/ul\u003e"
            }
          ],
          "value": "* For TLS clients using the ssl application, disable OCSP stapling by setting {stapling, no_staple} in the client options, or switch to CRL-based revocation checking with {crl_check, true}.\n* For applications calling public_key:pkix_ocsp_validate/5 directly, validate the responder certificate\u0027s validity period in application code before calling the function."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
    "assignerShortName": "EEF",
    "cveId": "CVE-2026-42791",
    "datePublished": "2026-05-27T12:23:13.584Z",
    "dateReserved": "2026-04-29T18:06:33.251Z",
    "dateUpdated": "2026-05-27T15:41:07.758Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2026-1719

CVE-2026-42789 (GCVE-0-2026-42789)

CVE-2026-42790 (GCVE-0-2026-42790)

CVE-2026-42791 (GCVE-0-2026-42791)

Tags

Sightings

Nomenclature