`openssl` `X509StoreRef::objects` is unsound

Published: Nov 28, 2023
Updated: Nov 29, 2023
GHSA: <a href="https://github.com/advisories/GHSA-xphf-cx8h-7q9g" target="_blank" rel="noopener"> GHSA-xphf-cx8h-7q9g
Severity: Medium
Exploit:

This function returned a reference into an OpenSSL datastructure, but there was no way to ensure OpenSSL would not mutate the datastructure behind one's back.

Use of this function should be replaced with X509StoreRef::all_certificates.