14 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-3230
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing required cryptographic step in the TLS 1.3 client HelloRetryRequest handshake logic in wolfSSL could lead to a compromise in the confidentiality of...
DEBIAN-CVE-2026-3230
Missing required cryptographic step in the TLS 1.3 client HelloRetryRequest handshake logic in wolfSSL could lead to a compromise in the confidentiality of TLS-protected communications via a crafted HelloRetryRequest followed by a ServerHello message that omits the required keyshare extension,...
CVE-2026-3230 Improper key_share validation in TLS 1.3 HelloRetryRequest
Missing required cryptographic step in the TLS 1.3 client HelloRetryRequest handshake logic in wolfSSL could lead to a compromise in the confidentiality of TLS-protected communications via a crafted HelloRetryRequest followed by a ServerHello message that omits the required keyshare extension,...
[SECURITY] Fedora 38 Update: fizz-2023.10.16.00-1.fc38
Fizz is a TLS 1.3 implementation. Fizz currently supports TLS 1.3 drafts 28, 26 both wire-compatible with the final specification, and 23. All major handshake modes are supported, includ ing PSK resumption, early data, client authentication, and HelloRetryRequest...
[SECURITY] Fedora 37 Update: fizz-2023.10.16.00-1.fc37
Fizz is a TLS 1.3 implementation. Fizz currently supports TLS 1.3 drafts 28, 26 both wire-compatible with the final specification, and 23. All major handshake modes are supported, includ ing PSK resumption, early data, client authentication, and HelloRetryRequest...
Oracle Linux 8 : nss / and / nspr (ELSA-2020-3280)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3280 advisory. nspr 4.25.0-2 - Rebuild 4.25.0-1 - Update to NSPR 4.25 nss 3.53.1-11 - Fix issue with upgradedb where upgradedb expects standard to generate dbm...
CVE-2019-17023
After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox 72...
CVE-2019-17023
After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox 72...
UBUNTU-CVE-2019-17023
After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox 72...
CVE-2019-17023
After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox 72...
Design/Logic Flaw
After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox 72...
CVE-2019-17023
After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox 72...
CVE-2019-17023
After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox 72...
CVE-2019-17023
After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox 72...