2 matches found
PYSEC-2026-326 dcap-qvl has Missing Verification for QE Identity
Impact This vulnerability involves a critical gap in the cryptographic verification process within the dcap-qvl. The library fetches QE Identity collateral including qeidentity, qeidentitysignature, and qeidentityissuerchain from the PCCS. However, it skips to verify the QE Identity signature...
CVE-2025-54809
CVE-2025-54809 (F5 Access for Android) affects Android clients of F5 Access prior to version 3.1.2. The vulnerability arises because, when using HTTPS, the client does not verify the remote endpoint identity, enabling potential man-in-the-middle interception. Affected versions are 3.1.0–3.1.1; a ...