Lucene search

K
cvelistRedhatCVELIST:CVE-2012-0867
HistoryJul 18, 2012 - 11:00 p.m.

CVE-2012-0867

2012-07-1823:00:00
redhat
www.cve.org
3

AI Score

6.3

Confidence

High

EPSS

0.005

Percentile

75.9%

PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters.