Fedora JSS CVE-2019-14823 Security Check Bypass Vulnerability
Description
A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attacks such as Man in the Middle.
Affected Applications
JSS