Lucene search
+L

7 matches found

euvd
euvd
added 2026/06/26 12:32 a.m.7 views

EUVD-2026-39576

Missing SNI/ALPN binding on stateful session-ID resumption, which previously skipped the binding check performed for ticket-based resumption. A cached session could be resumed under a different SNI/ALPN than originally negotiated and, where client-authentication policy differs across virtual host...

6CVSS5.9AI score0.0021EPSS
Exploits0References3
nvd
nvd
added 2026/06/25 10:17 p.m.11 views

CVE-2026-11703

Missing SNI/ALPN binding on stateful session-ID resumption, which previously skipped the binding check performed for ticket-based resumption. A cached session could be resumed under a different SNI/ALPN than originally negotiated and, where client-authentication policy differs across virtual host...

7.5CVSS0.0021EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/25 9:15 p.m.26 views

CVE-2026-11703 Missing SNI/ALPN binding on stateful (session-ID) TLS session resumption

Missing SNI/ALPN binding on stateful session-ID resumption, which previously skipped the binding check performed for ticket-based resumption. A cached session could be resumed under a different SNI/ALPN than originally negotiated and, where client-authentication policy differs across virtual host...

6CVSS0.0021EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/25 9:15 p.m.7 views

CVE-2026-11703

Missing SNI/ALPN binding on stateful session-ID resumption, which previously skipped the binding check performed for ticket-based resumption. A cached session could be resumed under a different SNI/ALPN than originally negotiated and, where client-authentication policy differs across virtual host...

6CVSS5.9AI score0.0021EPSS
Exploits0References3Affected Software1
alpinelinux
alpinelinux
added 2026/06/25 9:15 p.m.9 views

CVE-2026-11703

Missing SNI/ALPN binding on stateful session-ID resumption, which previously skipped the binding check performed for ticket-based resumption. A cached session could be resumed under a different SNI/ALPN than originally negotiated and, where client-authentication policy differs across virtual host...

7.5CVSS5.8AI score0.0021EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.14 views

PT-2026-52591

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An issue exists where SNI Server Name Indication and ALPN Application-Layer Protocol Negotiation bindings are missing during stateful session-ID resumption. This...

7.5CVSS5.7AI score0.0021EPSS
Exploits0References7
hackerone
hackerone
added 2014/04/02 1:1 p.m.1693 views

Slack: TLS1/SSLv3 Renegotiation Vulnerability

URL: http://www.slack.com Vulnerability description A flaw in the design of the TLS v. 1/SSL v. 3 TLS/SSL handshake process was discovered in 2009, and RFC 5746 Feb. 2010 was released to update the protocol specification. Since then, most system manufacturers have released patches to fix this fla...

5.8CVSS1.4AI score0.87264EPSS
Exploits15
Rows per page
Query Builder