Lucene search
K

63 matches found

NVD
NVD
added 2026/03/19 9:17 p.m.7 views

CVE-2026-4428

A logic error in CRL distribution point validation in AWS-LC before 1.71.0 causes partitioned CRLs to be incorrectly rejected as out of scope, which allows a revoked certificate to bypass certificate revocation checks. To remediate this issue, users should upgrade to AWS-LC 1.71.0 or...

9.1CVSS0.00252EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/19 8:37 p.m.5 views

CVE-2026-4428 CRL Distribution Point Scope Check Logic Error in AWS-LC

A logic error in CRL distribution point validation in AWS-LC before 1.71.0 causes partitioned CRLs to be incorrectly rejected as out of scope, which allows a revoked certificate to bypass certificate revocation checks. To remediate this issue, users should upgrade to AWS-LC 1.71.0 or...

9.1CVSS5.8AI score0.00252EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/19 8:37 p.m.23 views

CVE-2026-4428 CRL Distribution Point Scope Check Logic Error in AWS-LC

A logic error in CRL distribution point validation in AWS-LC before 1.71.0 causes partitioned CRLs to be incorrectly rejected as out of scope, which allows a revoked certificate to bypass certificate revocation checks. To remediate this issue, users should upgrade to AWS-LC 1.71.0 or...

9.1CVSS0.00252EPSS
Exploits0References2
OSV
OSV
added 2026/03/19 12:0 p.m.5 views

RUSTSEC-2026-0042 CRL Distribution Point Scope Check Logic Error in AWS-LC

A logic error in CRL distribution point matching in AWS-LC allows a revoked certificate to bypass revocation checks during certificate validation, when the application enables CRL checking and uses partitioned CRLs with Issuing Distribution Point IDP extensions. Customers of AWS services do not...

7.4CVSS5.9AI score0.00252EPSS
Exploits0References4
RustSec
RustSec
added 2026/03/19 12:0 p.m.7 views

CRL Distribution Point Scope Check Logic Error in AWS-LC

A logic error in CRL distribution point matching in AWS-LC allows a revoked certificate to bypass revocation checks during certificate validation, when the application enables CRL checking and uses partitioned CRLs with Issuing Distribution Point IDP extensions. Customers of AWS services do not...

9.1CVSS5.9AI score0.00252EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2025/05/19 8:51 a.m.8 views

openssl: X.400 address type confusion in X.509 GeneralName

A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...

7.4CVSS6.9AI score0.59501EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/12/27 12:0 a.m.27 views

NewStart CGSL MAIN 5.04 : openssl Vulnerability (NS-SA-2023-0101)

The remote NewStart CGSL host, running version MAIN 5.04, has openssl packages installed that are affected by a vulnerability: - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public...

7.4CVSS8AI score0.59501EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/06/06 12:0 a.m.19 views

EulerOS Virtualization 2.11.0 : shim (EulerOS-SA-2023-2129)

According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parse...

7.4CVSS7.9AI score0.59501EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/06/01 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-2004)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS8.2AI score0.59501EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/05/18 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-1984)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS8.2AI score0.59501EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/05/13 12:0 a.m.31 views

EulerOS 2.0 SP9 : shim (EulerOS-SA-2023-1853)

According to the versions of the shim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an...

7.4CVSS8AI score0.59501EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/23 12:0 a.m.51 views

RHEL 8 : openssl (RHSA-2023:1441)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1441 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

7.4CVSS7.8AI score0.59501EPSS
Exploits0References4
F5 Networks
F5 Networks
added 2023/02/21 7:37 p.m.43 views

K17330: GnuTLS vulnerability CVE-2015-3308

Security Advisory Description Double free vulnerability in lib/x509/x509ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point. CVE-2015-3308 Impact A remote attacker may be able to cause a...

7.5CVSS8AI score0.03921EPSS
Exploits0Affected Software1
Prion
Prion
added 2023/02/08 8:15 p.m.39 views

Type confusion

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

4CVSS7.6AI score0.59501EPSS
Exploits0References7Affected Software3
Debian CVE
Debian CVE
added 2023/02/08 7:1 p.m.102 views

CVE-2023-0286

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

7.4CVSS7.3AI score0.59501EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2023/02/08 7:1 p.m.528 views

CVE-2023-0286

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

7.4CVSS7.8AI score0.59501EPSS
Exploits0
RustSec
RustSec
added 2023/02/07 12:0 p.m.105 views

X.400 address type confusion in X.509 `GeneralName`

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

7.4CVSS6.7AI score0.59501EPSS
Exploits0Affected Software1
UbuntuCve
UbuntuCve
added 2023/02/07 12:0 a.m.52 views

CVE-2023-0286

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

7.4CVSS7AI score0.59501EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.53 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : openssl Vulnerability (NS-SA-2021-0158)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has openssl packages installed that are affected by a vulnerability: - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a...

5.9CVSS7.1AI score0.06968EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2021/08/24 12:0 a.m.40 views

F5 Networks BIG-IP : OpenSSL vulnerability (K42910051)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.4 / 15.1.4.1 / 16.1.2. It is, therefore, affected by a vulnerability as referenced in the K42910051 advisory. The X.509 GeneralName type is a generic type for representing different types of names. One of those name...

5.9CVSS7.1AI score0.06968EPSS
Exploits3References2
Rows per page
Query Builder