Summary
The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However, the implementation of the function does not enable the check, which allows certificates with invalid or incorrect policies to pass certificate verification.
Products Potentially Affected
| OS/Product | Exposure |
| --- | --- |
| Network OS | No |
Repair Recommendations
None.
Please see the full security advisory article here for more details and updates.