Lucene search
K

91 matches found

EUVD
EUVD
added 2026/06/26 12:32 a.m.4 views

EUVD-2026-39575

TLS 1.3 post-handshake authentication PHA issue where a server could accept a client's Finished message without the client having sent a Certificate and CertificateVerify. The post-handshake-auth exemption that allows an empty/absent peer certificate was only intended for the initial handshake, b...

6CVSS5.8AI score0.00143EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 10:17 p.m.5 views

DEBIAN-CVE-2026-55962

TLS 1.3 post-handshake authentication PHA issue where a server could accept a client's Finished message without the client having sent a Certificate and CertificateVerify. The post-handshake-auth exemption that allows an empty/absent peer certificate was only intended for the initial handshake, b...

6.5CVSS5.8AI score0.00143EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 10:17 p.m.7 views

CVE-2026-55962

TLS 1.3 post-handshake authentication PHA issue where a server could accept a client's Finished message without the client having sent a Certificate and CertificateVerify. The post-handshake-auth exemption that allows an empty/absent peer certificate was only intended for the initial handshake, b...

6.5CVSS0.00143EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 9:12 p.m.27 views

CVE-2026-55962 TLS 1.3 post-handshake authentication: server accepts Finished without client Certificate/CertificateVerify

TLS 1.3 post-handshake authentication PHA issue where a server could accept a client's Finished message without the client having sent a Certificate and CertificateVerify. The post-handshake-auth exemption that allows an empty/absent peer certificate was only intended for the initial handshake, b...

6CVSS0.00143EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 9:12 p.m.20 views

CVE-2026-55962

CVE-2026-55962 (WolfSSL) : TLS 1.3 post-handshake authentication could allow a server to accept a client’s Finished message without a Certificate and CertificateVerify if a post-handshake CertificateRequest was outstanding. The fix scopes the check to the initial handshake: after certReqCtx is se...

6.5CVSS5.8AI score0.00143EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 9:12 p.m.5 views

CVE-2026-55962

TLS 1.3 post-handshake authentication PHA issue where a server could accept a client's Finished message without the client having sent a Certificate and CertificateVerify. The post-handshake-auth exemption that allows an empty/absent peer certificate was only intended for the initial handshake, b...

6.5CVSS5.8AI score0.00143EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.6 views

PT-2026-52599

Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description A TLS 1.3 post-handshake authentication PHA issue exists where a server may accept a client's Finished message even if the client has not provided a Certificate and CertificateVerify. This...

6.5CVSS5.8AI score0.00143EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

Amazon Linux 2 : golang, --advisory ALAS2-2026-3383 (ALAS-2026-3383)

The version of golang installed on the remote host is prior to 1.25.11-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3383 advisory. x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN...

7.5CVSS6.3AI score0.00939EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.3 views

Amazon Linux 2023 : golist (ALAS2023-2026-1874)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1874 advisory. x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, . to execute repeatedly on the same...

7.5CVSS6.2AI score0.00939EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.10 views

CVE-2026-5393

Dual-Algorithm CertificateVerify out-of-bounds read. When processing a dual-algorithm CertificateVerify message, an out-of-bounds read can occur on crafted input. This can only occur when --enable-experimental and --enable-dual-alg-certs is used when building wolfSSL...

9.1CVSS5.4AI score0.00194EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Golang-1.19

Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/TLS clients, as well as servers that have Config.ClientAuth set to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default...

5.9CVSS6.8AI score0.00667EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/10 12:30 a.m.5 views

EUVD-2026-21231

Dual-Algorithm CertificateVerify out-of-bounds read. When processing a dual-algorithm CertificateVerify message, an out-of-bounds read can occur on crafted input. This can only occur when --enable-experimental and --enable-dual-alg-certs is used when building wolfSSL...

6.3CVSS5.9AI score0.00194EPSS
Exploits0References2
NVD
NVD
added 2026/04/10 12:16 a.m.6 views

CVE-2026-5393

Dual-Algorithm CertificateVerify out-of-bounds read. When processing a dual-algorithm CertificateVerify message, an out-of-bounds read can occur on crafted input. This can only occur when --enable-experimental and --enable-dual-alg-certs is used when building wolfSSL...

9.1CVSS0.00194EPSS
Exploits0References1
Snyk
Snyk
added 2026/04/10 12:11 a.m.3 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the DoTls13CertificateVerify process when handling a dual-algorithm CertificateVerify message due to improper bounds checking on crafted input. An attacker can cause the application to read memory outside the...

9.1CVSS5.9AI score0.00194EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.10 views

wolfSSL 安全漏洞

wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the American company wolfSSL, designed for developers working with embedded systems. There is a security vulnerability in wolfSSL, which stems from an out-of-bounds read during the processing of double-algorithm...

9.1CVSS5.8AI score0.00194EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/10 12:0 a.m.5 views

CVE-2026-5393

Dual-Algorithm CertificateVerify out-of-bounds read. When processing a dual-algorithm CertificateVerify message, an out-of-bounds read can occur on crafted input. This can only occur when --enable-experimental and --enable-dual-alg-certs is used when building wolfSSL...

9.1CVSS5.8AI score0.00194EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/10 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-5393

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dual-Algorithm CertificateVerify out-of-bounds read. When processing a dual-algorithm CertificateVerify message, an out-of-bounds read can occur on crafted inpu...

9.1CVSS5.5AI score0.00194EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/09 11:2 p.m.2 views

CVE-2026-5393

Dual-Algorithm CertificateVerify out-of-bounds read. When processing a dual-algorithm CertificateVerify message, an out-of-bounds read can occur on crafted input. This can only occur when --enable-experimental and --enable-dual-alg-certs is used when building wolfSSL...

6.3CVSS5.9AI score0.00194EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/04/09 11:2 p.m.6 views

CVE-2026-5393

Dual-Algorithm CertificateVerify out-of-bounds read. When processing a dual-algorithm CertificateVerify message, an out-of-bounds read can occur on crafted input. This can only occur when --enable-experimental and --enable-dual-alg-certs is used when building wolfSSL...

9.1CVSS5.2AI score0.00194EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/09 11:2 p.m.28 views

CVE-2026-5393 OOB Read in DoTls13CertificateVerify with WOLFSSL_DUAL_ALG_CERTS

Dual-Algorithm CertificateVerify out-of-bounds read. When processing a dual-algorithm CertificateVerify message, an out-of-bounds read can occur on crafted input. This can only occur when --enable-experimental and --enable-dual-alg-certs is used when building wolfSSL...

6.3CVSS0.00194EPSS
Exploits0References1
Rows per page
Query Builder