Internet Bug Bounty: Silent omission of certificate hostname verification in LibreSSL and BoringSSL. Open SSL 1.0.2 function X509_VERIFY_PARAM_set1_host silently neglected by LibreSSL and BoringSSL, leaving applications vulnerable to MitM attacks
Reporter | Title | Published | Views | Family All 8 |
---|---|---|---|---|
![]() | CVE-2018-8970 | 24 Mar 201821:29 | – | nvd |
![]() | CVE-2018-8970 | 24 Mar 201821:00 | – | cvelist |
![]() | Design/Logic Flaw | 24 Mar 201821:29 | – | prion |
![]() | CVE-2018-8970 | 24 Mar 201821:29 | – | cve |
![]() | libcrypto46-3.3.4-1.2 on GA media | 15 Jun 202400:00 | – | osv |
![]() | openSUSE Security Update : libressl (openSUSE-2018-953) | 4 Sep 201800:00 | – | nessus |
![]() | openSUSE: Security Advisory for libressl (openSUSE-SU-2018:2597-1) | 4 Sep 201800:00 | – | openvas |
![]() | Security update for libressl (moderate) | 4 Sep 201800:07 | – | suse |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo