Lucene search
K

36 matches found

OSV
OSV
added 2025/12/22 12:0 a.m.6 views

ALSA-2025:23738 Important: mod_md security update

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: modmd:...

7.5CVSS6.8AI score0.00417EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/22 12:0 a.m.2 views

RHEL 9 : mod_md (RHSA-2025:23739)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:23739 advisory. This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate...

7.5CVSS5.7AI score0.00417EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2025/12/21 12:0 a.m.6 views

mod_md security update

1:2.4.26-1.1 - Resolves: RHEL-134496 - httpd: Apache HTTP Server: modmd ACME, unintended retry intervals CVE-2025-55753...

7.5CVSS7.1AI score0.00417EPSS
Exploits0
Fedora
Fedora
added 2025/12/17 1:32 a.m.6 views

[SECURITY] Fedora 42 Update: mod_md-2.6.6-1.fc42

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal...

7.5CVSS7AI score0.00417EPSS
Exploits0
Fedora
Fedora
added 2025/12/17 1:14 a.m.6 views

[SECURITY] Fedora 43 Update: mod_md-2.6.7-1.fc43

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal...

7.5CVSS7AI score0.00417EPSS
Exploits0
Cvelist
Cvelist
added 2025/08/07 12:4 a.m.62 views

CVE-2025-54799 Lego does not enforce HTTPS

Let's Encrypt client and ACME library written in Go Lego. In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Unlike the http-01 challenge which solves an ACME...

6CVSS0.00214EPSS
Exploits0References2
OSV
OSV
added 2025/08/07 12:4 a.m.20 views

CVE-2025-54799 Lego does not enforce HTTPS

Let's Encrypt client and ACME library written in Go Lego. In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Unlike the http-01 challenge which solves an ACME...

6CVSS6.5AI score0.00214EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/08/07 12:4 a.m.5 views

CVE-2025-54799 Lego does not enforce HTTPS

Let's Encrypt client and ACME library written in Go Lego. In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Unlike the http-01 challenge which solves an ACME...

6CVSS6.2AI score0.00214EPSS
Exploits0References2
OSV
OSV
added 2025/08/06 5:8 p.m.8 views

GHSA-Q82R-2J7M-9RV4 github.com/go-acme/lego/v4/acme/api does not enforce HTTPS

Summary It was discovered that the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Details Unlike the http-01 challenge which solves an ACME challenge over unencrypted HTTP, the ACME protocol...

6CVSS6.1AI score0.00214EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/08/06 5:8 p.m.17 views

github.com/go-acme/lego/v4/acme/api does not enforce HTTPS

Summary It was discovered that the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Details Unlike the http-01 challenge which solves an ACME challenge over unencrypted HTTP, the ACME protocol...

6CVSS6.1AI score0.00214EPSS
Exploits0References4Affected Software3
The Hacker News
The Hacker News
added 2020/02/28 12:26 p.m.63 views

Let's Encrypt Issued A Billion Free SSL Certificates in the Last 4 Years

Let's Encrypt, a free, automated, and open certificate signing authority CA from the nonprofit Internet Security Research Group ISRG, has said it's issued a billion certificates since its launch in 2015. The CA issued its first certificate in September 2015, before eventually reaching 100 million...

6.4AI score
Exploits0
OpenVAS
OpenVAS
added 2019/10/01 12:0 a.m.35 views

Fedora Update for mod_md FEDORA-2019-e00c65ec6f

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.2CVSS7.3AI score0.81466EPSS
Exploits5References2
Fedora
Fedora
added 2019/09/30 1:39 a.m.49 views

[SECURITY] Fedora 29 Update: mod_md-2.0.8-3.fc29

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol RFC Draft to automate certificate provisioning. These will be configured for managed domains and their virtual hosts automatically. This includes renewal of certificates befor...

7.2CVSS2.2AI score0.81466EPSS
Exploits5
Fedora
Fedora
added 2019/08/23 1:27 a.m.45 views

[SECURITY] Fedora 30 Update: mod_md-2.0.8-2.fc30

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol RFC Draft to automate certificate provisioning. These will be configured for managed domains and their virtual hosts automatically. This includes renewal of certificates befor...

7.2CVSS2.2AI score0.81466EPSS
Exploits5
OpenVAS
OpenVAS
added 2019/08/23 12:0 a.m.48 views

Fedora Update for mod_md FEDORA-2019-099575a123

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.2CVSS7.3AI score0.81466EPSS
Exploits4References2
Filippo.io
Filippo.io
added 2019/01/07 2:8 a.m.102 views

mkcert: valid HTTPS certificates for localhost

or for any other names The web is moving to HTTPS, preventing network attackers from observing or injecting page contents. But HTTPS needs TLS certificates, and while deployment is increasingly a solved issue thanks to the ACME protocol and Let's Encrypt, development still mostly ends up happenin...

7AI score
Exploits0
Rows per page
Query Builder