CVE-2023-0464

HIGH

OpenSSL 1.0.2-1.0.2zh - Denial of Service via Malicious X.509 Certificate Chain with Policy Constraints

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-0464. PoCs published by Trinadh465.

AI-analyzed exploit summary The repository appears to be a partial or incomplete OpenSSL source tree with configuration files and some application code, but lacks a clear exploit PoC or demonstration of CVE-2023-0464. No offensive techniques or exploit logic are present.

Description

A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.

Exploits (1)

nomisec STUB

by Trinadh465 · poc

https://github.com/Trinadh465/Openssl_1.1.1g_CVE-2023-0464

View Code ZIP pw:eip

The repository appears to be a partial or incomplete OpenSSL source tree with configuration files and some application code, but lacks a clear exploit PoC or demonstration of CVE-2023-0464. No offensive techniques or exploit logic are present.

Classification

Stub 90%

Attack Type

Other

Complexity

Theoretical

Reliability

Theoretical

Target: OpenSSL 1.1.1g

No auth needed

Prerequisites: None identified

devstral-2 · analyzed Feb 16, 2026 Full analysis →