7 matches found
CVE-2026-42012
A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier URI or Service SRV Subject Alternative Names SANs. This could cause the certificate validation process to incorrectly fall back to...
CVE-2026-33644 Lychee has SSRF bypass via DNS rebinding — PhotoUrlRule only validates IP addresses, not hostnames resolving to internal IPs
Lychee is a free, open-source photo-management tool. Prior to version 7.5.2, the SSRF protection in PhotoUrlRule.php can be bypassed using DNS rebinding. The IP validation check line 86-89 only activates when the hostname is an IP address. When a domain name is used, filtervar$host,...
SUSE CVE-2024-5991
In function MatchDomainName, input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically, the function X509checkhost takes in a pointer and length to check against, with no requirements that it be NULL terminated. If a caller was attempting to do...
AZL-48342 CVE-2024-5991 affecting package mariadb for versions less than 10.6.9-4
In function MatchDomainName, input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically, the function X509checkhost takes in a pointer and length to check against, with no requirements that it be NULL terminated. If a caller was attempting to do...
AZL-48368 CVE-2024-5991 affecting package mariadb for versions less than 10.6.9-6
In function MatchDomainName, input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically, the function X509checkhost takes in a pointer and length to check against, with no requirements that it be NULL terminated. If a caller was attempting to do...
UBUNTU-CVE-2024-5991
In function MatchDomainName, input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically, the function X509checkhost takes in a pointer and length to check against, with no requirements that it be NULL terminated. If a caller was attempting to do...
dhcp security update
12:4.1.1-12.P1.4 - Better fix for CVE-2011-0997: making domain-name check more lenient 690578 12:4.1.1-12.P1.3 - dhclient: insufficient sanitization of certain DHCP response values CVE-2011-0997, 690578...