Description
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature.
Remediation
References
Related Vulnerabilities
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-23498)
WordPress 5.5.x Multiple Vulnerabilities (5.5 - 5.5.1)
Python URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-28861)
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.20)
WordPress Plugin Campaign Press Cross-Site Scripting (1.0.5)