PT-2026-43713 · Unknown · Erlang/Otp+1
Ingela Andin +1
Published 2026-05-27 · Updated 2026-05-27
CVE-2026-42791
CVSS v4.0 6.3 Medium
| Vector | AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N |
Name of the Vulnerable Software and Affected Versions
Erlang OTP versions 27.0 through 27.3.4.11
Erlang OTP versions prior to 28.5.0.1
Erlang OTP versions prior to 29.0.1
public_key versions 1.16 through 1.17.1.2
public_key versions prior to 1.20.3.1
public_key versions prior to 1.21.1
Description
Improper Certificate Validation in the pubkey_ocsp module of the Erlang/OTP public_key application allows forged Online Certificate Status Protocol (OCSP) responses signed with an expired responder certificate to be accepted as valid. The functions verify_response/5 and is_authorized_responder/3 do not check the validity period (notBefore/notAfter) of the OCSP responder certificate. An attacker who holds the private key of an expired, CA-designated OCSP responder certificate can therefore forge responses that the system accepts as genuine, for example a "good" status for a certificate that has in fact been revoked. This affects TLS clients that use OCSP stapling through the ssl application: a server presenting a revoked TLS certificate together with such a forged stapled response passes revocation checking. It also affects applications that call public_key:pkix_ocsp_validate/5 directly, where it may lead to an authentication bypass during server-side validation of client certificates.
Recommendations
Update Erlang OTP to version 27.3.4.12, 28.5.0.1, or 29.0.1.
Update public_key to version 1.17.1.3, 1.20.3.1, or 1.21.1.
For TLS clients using the ssl application, disable OCSP stapling by setting {stapling, no_staple} in the client options, or switch to CRL-based revocation checking with {crl_check, true}. Note that disabling stapling on its own removes revocation checking for that connection; CRL checking needs a reachable CRL source, configured through ssl's crl_cache option.
For applications calling public_key:pkix_ocsp_validate/5 directly, check the responder certificate's validity period (notBefore/notAfter against the current time) in application code before calling the function, and reject the response if the certificate is expired or not yet valid. This is a mitigation only and does not replace the update.
Fix
Improper Certificate Validation
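One way to apply the application-side recommendation above, as an added example that is not part of this advisory or of the OTP code base: an Erlang module that wraps public_key:pkix_ocsp_validate/5 and refuses the response unless every candidate responder certificate (those embedded in the BasicOCSPResponse plus any the caller passes in ocsp_responder_certs) is inside its notBefore/notAfter window at the time of the check. It assumes the record and field names of the OCSP and PKIX ASN.1 types as compiled into public_key (OCSPResponse, ResponseBytes, BasicOCSPResponse, Certificate, OTPCertificate, Validity), that public_key:der_decode/2 accepts the OCSP types, and the OTP 27 argument order of pkix_ocsp_validate/5 (Cert, IssuerCert, OcspRespDer, NonceExt, Options) with {ocsp_responder_certs, Certs} as the option carrying extra responder certificates; the module and function names are the example's own.

```erlang
%% ocsp_responder_check.erl -- added example, not OTP code.
%% Wraps public_key:pkix_ocsp_validate/5 with an explicit validity-period
%% check on every candidate OCSP responder certificate, which the
%% vulnerable pubkey_ocsp versions do not perform.
-module(ocsp_responder_check).
-export([validate/5, responder_certs_valid/3]).

-include_lib("public_key/include/public_key.hrl").

%% Same arguments as public_key:pkix_ocsp_validate/5 (assumed OTP 27 order).
%% Returns {bad_cert, Reason} without calling the library if any responder
%% certificate is outside its validity window.
validate(Cert, IssuerCert, OcspRespDer, NonceExt, Options) ->
    Extra = proplists:get_value(ocsp_responder_certs, Options, []),
    Now = calendar:datetime_to_gregorian_seconds(calendar:universal_time()),
    case responder_certs_valid(OcspRespDer, Extra, Now) of
        ok ->
            public_key:pkix_ocsp_validate(Cert, IssuerCert, OcspRespDer,
                                          NonceExt, Options);
        {error, Reason} ->
            {bad_cert, Reason}
    end.

%% Checks the certificates embedded in the response plus any extra responder
%% certificates the caller intends to pass. Rejecting the whole response when
%% any of them is expired or not yet valid is deliberately conservative.
responder_certs_valid(OcspRespDer, ExtraCerts, Now) ->
    try
        check_all(embedded_certs(OcspRespDer) ++ ExtraCerts, Now)
    catch
        _:Err -> {error, {ocsp_response_undecodable, Err}}
    end.

%% Decodes OCSPResponse -> ResponseBytes -> BasicOCSPResponse and returns the
%% optional certs list (plain #'Certificate'{} records).
embedded_certs(OcspRespDer) ->
    #'OCSPResponse'{responseStatus = Status, responseBytes = Bytes} =
        public_key:der_decode('OCSPResponse', OcspRespDer),
    case {Status, Bytes} of
        {successful, #'ResponseBytes'{responseType = ?'id-pkix-ocsp-basic',
                                      response = Basic}} ->
            #'BasicOCSPResponse'{certs = Certs} =
                public_key:der_decode('BasicOCSPResponse', Basic),
            case Certs of
                asn1_NOVALUE -> [];
                _ -> Certs
            end;
        _ ->
            erlang:error({unexpected_ocsp_response, Status})
    end.

check_all([], _Now) ->
    ok;
check_all([C | Rest], Now) ->
    {NotBefore, NotAfter} = validity_of(C),
    if
        NotBefore =< Now andalso Now =< NotAfter -> check_all(Rest, Now);
        true -> {error, {responder_cert_outside_validity, NotBefore, NotAfter}}
    end.

%% Accepts DER, #'Certificate'{} (as found in BasicOCSPResponse.certs) and
%% #'OTPCertificate'{} (as returned by public_key:pkix_decode_cert/2).
validity_of(Der) when is_binary(Der) ->
    validity_of(public_key:pkix_decode_cert(Der, otp));
validity_of(#'OTPCertificate'{tbsCertificate =
                                  #'OTPTBSCertificate'{validity = V}}) ->
    window(V);
validity_of(#'Certificate'{tbsCertificate = #'TBSCertificate'{validity = V}}) ->
    window(V).

window(#'Validity'{notBefore = NB, notAfter = NA}) ->
    {asn1_time_to_seconds(NB), asn1_time_to_seconds(NA)}.

%% RFC 5280 time encodings: UTCTime "YYMMDDHHMMSSZ" (two-digit year,
%% 50..99 => 19xx, 00..49 => 20xx) and GeneralizedTime "YYYYMMDDHHMMSSZ".
asn1_time_to_seconds({utcTime, T}) ->
    [Y1, Y2 | Rest] = to_list(T),
    YY = list_to_integer([Y1, Y2]),
    Year = if YY >= 50 -> 1900 + YY; true -> 2000 + YY end,
    seconds(Year, Rest);
asn1_time_to_seconds({generalTime, T}) ->
    [Y1, Y2, Y3, Y4 | Rest] = to_list(T),
    seconds(list_to_integer([Y1, Y2, Y3, Y4]), Rest).

seconds(Year, [M1, M2, D1, D2, H1, H2, Mi1, Mi2, S1, S2 | _]) ->
    DateTime = {{Year, list_to_integer([M1, M2]), list_to_integer([D1, D2])},
                {list_to_integer([H1, H2]), list_to_integer([Mi1, Mi2]),
                 list_to_integer([S1, S2])}},
    calendar:datetime_to_gregorian_seconds(DateTime).

to_list(B) when is_binary(B) -> binary_to_list(B);
to_list(L) -> L.
```

Call ocsp_responder_check:validate/5 wherever the application currently calls public_key:pkix_ocsp_validate/5. The wrapper only adds the missing time-window check; signature verification, responder authorization and nonce matching are still done by the library, so the upgrade to a fixed OTP release remains necessary.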
Related Identifiers
Affected Products
Erlang/Otp
Public Key