Unrated severityNVD Advisory· Published Mar 5, 2014· Updated Jun 17, 2026
CVE-2014-2234
CVE-2014-2234
Description
A certain Apple patch for OpenSSL in Apple OS X 10.9.2 and earlier uses a Trust Evaluation Agent (TEA) feature without terminating certain TLS/SSL handshakes as specified in the SSL_CTX_set_verify callback function's documentation, which allows remote attackers to bypass extra verification within a custom application via a crafted certificate chain that is acceptable to TEA but not acceptable to that application.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=10.9.2
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.