CVE-2020-35733 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Certificate verification bypass
Description	An issue was discovered in Erlang/OTP before 23.2.2. The ssl application 10.2 accepts and trusts an invalid X.509 certificate chain to a trusted root Certification Authority.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1457	erlang	23.2-3	23.2.2-1	High	Fixed

Date	Advisory	Group	Package	Severity	Type
20 Jan 2021	ASA-202101-39	AVG-1457	erlang	High	certificate verification bypass

References
https://erlang.org/pipermail/erlang-questions/2021-January/100357.html https://github.com/erlang/otp/commit/a59f3c4d2be19343f43c46241d0f4e30dd5563de