CWE-599
Missing Validation of OpenSSL Certificate
The product uses OpenSSL and trusts or uses a certificate without using the SSL_get_verify_result() function to ensure that the certificate satisfies all necessary security requirements.
Official CWE-599 definition at MITREImpactr finds and proves weaknesses like CWE-599 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist