Lucene search

526 matches found

Debian CVE
added 2022/10/14 12:0 a.m., 39 views

CVE-2022-3479

A vulnerability was found in NSS. With this vulnerability, NSS client auth crashes without a user certificate in the database, which can lead to a segmentation fault or crash...

7.5 CVSS, 7.9 AI score, 0.00198 EPSS
Exploits: 0

RedhatCVE
added 2022/10/13 3:30 p.m., 43 views

CVE-2022-3479

A vulnerability was found in NSS. The NSS client auth crashes without a user certificate in the database, leading to a segmentation fault or crash...

7.5 CVSS, 2.1 AI score, 0.00198 EPSS
Exploits: 0, References: 3

CNVD
added 2022/09/28 12:0 a.m., 45 views

Apache Pulsar Trust Management Issues Vulnerability

Apache Pulsar is a distributed message streaming platform from the Apache Software Foundation (United States) for cloud environments that combines messaging, storage, and lightweight functional computing. The software supports multi-tenancy, persistent storage, cross-region data replication across multiple data centers...

5.9 CVSS, 5.9 AI score, 0.00177 EPSS
Exploits: 0, References: 1

OSV
added 2022/09/21 2:15 p.m., 2 views

DEBIAN-CVE-2022-37026

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS...

9.8 CVSS, 8.4 AI score, 0.002 EPSS
Exploits: 0, References: 1

OSV
added 2022/09/21 2:15 p.m., 19 views

CVE-2022-37026

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS...

9.8 CVSS, 6.7 AI score
Exploits: 0, References: 4

NVD
added 2022/09/21 2:15 p.m., 8 views

CVE-2022-37026

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS...

9.8 CVSS, 0.002 EPSS
Exploits: 0, References: 4

Prion
added 2022/09/21 2:15 p.m., 9 views

Authentication flaw

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS...

7.5 CVSS, 9.3 AI score, 0.002 EPSS
Exploits: 0, References: 4, Affected Software: 1

UbuntuCve
added 2022/09/21 2:15 p.m., 22 views

CVE-2022-37026

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS...

9.8 CVSS, 7.2 AI score, 0.002 EPSS
Exploits: 0, References: 5

OSV
added 2022/09/21 2:15 p.m., 0 views

UBUNTU-CVE-2022-37026

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS...

9.8 CVSS, 7.3 AI score, 0.002 EPSS
Exploits: 0, References: 6

AlpineLinux
added 2022/09/21 12:0 a.m., 30 views

CVE-2022-37026

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS...

9.8 CVSS, 9.5 AI score, 0.002 EPSS
Exploits: 0

Vulnrichment
added 2022/09/21 12:0 a.m., 4 views

CVE-2022-37026

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS...

6.8 AI score, 0.002 EPSS
Exploits: 0, References: 4

Cvelist
added 2022/09/21 12:0 a.m., 17 views

CVE-2022-37026

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS...

9.6 AI score, 0.002 EPSS
Exploits: 0, References: 4

CNNVD
added 2022/09/21 12:0 a.m., 3 views

Ericsson Erlang Authorization Issue Vulnerability

Ericsson Erlang is a general-purpose concurrency-oriented programming language from Ericsson, Sweden. A security vulnerability exists in Erlang versions prior to 23.3.4.15, 24.x up to 24.3.4.2, and 25.x up to 25.0.2, which stems from bypassing client authentication in certain client-side...

9.8 CVSS, 8.1 AI score, 0.002 EPSS
Exploits: 0, References: 10

CVE
added 2022/09/21 12:0 a.m., 170 views

CVE-2022-37026

CVE-2022-37026 affects Erlang/OTP prior to: 23.3.4.15, 24.x prior to 24.3.4.2, and 25.x prior to 25.0.2, where a client authentication bypass can occur in certain client-certification scenarios for SSL/TLS/DTLS. The issue is a bypass in client authentication, not a remote code execution by itself...

9.8 CVSS, 9.2 AI score, 0.002 EPSS
Exploits: 0, References: 4, Affected Software: 1

Rockylinux
added 2022/09/13 7:36 a.m., 15 views

nss and nspr bug fix and enhancement update

An update is available for nspr, nss. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Network Security Services (NSS) is a set of libraries designed to support the...

1 AI score
Exploits: 0

Microsoft CVE
added 2022/09/01 7:0 a.m., 3 views

Odyssey passes to server unencrypted bytes from man-in-the-middle

When Odyssey is configured to use certificate Common Name for client authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. This is similar to CVE-2021-23214 for PostgreSQL.

...

8.1 CVSS, 7.2 AI score, 0.00193 EPSS
Exploits: 0

CNNVD
added 2022/08/25 12:0 a.m., 1 views

Tyler Odyssey Trust Management Issue Vulnerability

Tyler Technologies Tyler Odyssey is a court and judicial software system from Tyler Technologies, USA. A security vulnerability exists in Tyler Odyssey that originates when Odyssey is configured to use a certificate public name for client authentication, which allows a man-in-the-middle attacker ...

8.1 CVSS, 8.1 AI score, 0.00193 EPSS
Exploits: 0, References: 3

Positive Technologies
added 2022/08/25 12:0 a.m., 2 views

PT-2022-11907 · Odyssey · Odyssey

Name of the Vulnerable Software and Affected Versions: Odyssey (affected versions not specified)

Description: The issue allows a man-in-the-middle attacker to inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. This...

8.1 CVSS, 7.1 AI score, 0.00193 EPSS
Exploits: 0, References: 4

CNVD
added 2022/06/22 12:0 a.m., 17 views

Siemens SIMATIC WinCC OA Client Authentication Vulnerability

Siemens SIMATIC WinCC OA is a SCADA operating system from Siemens, Germany. It is used to control and monitor industrial applications. A security vulnerability exists in Siemens SIMATIC WinCC OA that stems from the application using only client-side authentication when both server-side...

9.8 CVSS, 7.2 AI score, 0.00409 EPSS
Exploits: 0, References: 1

Positive Technologies
added 2022/06/17 12:0 a.m., 1 views

PT-2022-6747 · Ericsson +6 · Erlang/Otp +6

Name of the Vulnerable Software and Affected Versions:
Erlang/OTP versions prior to 23.3.4.15
Erlang/OTP versions 24.x prior to 24.3.4.2
Erlang/OTP versions 25.x prior to 25.0.2

Description: The issue is related to a Client Authentication Bypass in certain client-certification situations for SSL,...

10 CVSS, 8.1 AI score, 0.00563 EPSS
Exploits: 0, References: 68