5832 matches found

OSV
added 2018/07/31 10:47 p.m. | 19 views

GHSA-8HJ4-W233-G35Q Downloads Resources over HTTP in react-native-baidu-voice-synthesizer

Affected versions of react-native-baidu-voice-synthesizer insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in...

9.3 CVSS | 8.1 AI score | 0.01752 EPSS
Exploits 0 | References 3

OSV
added 2018/07/31 1:29 p.m. | 1 view

UBUNTU-CVE-2018-8020

Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced responses, which are lists (multiple entries) of certificate statuses. Subsequently, revoked client certificates may not be properly identified, allowing for users to authenticate wit...

7.4 CVSS | 7.1 AI score | 0.04199 EPSS
Exploits 0 | References 4

OSV
added 2018/07/31 1:29 p.m. | 2 views

DEBIAN-CVE-2018-8019

When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to authenticate with revoked certificates when using...

7.4 CVSS | 7.3 AI score | 0.04068 EPSS
Exploits 0 | References 1

Prion
added 2018/07/31 1:29 p.m. | 22 views

Design/Logic Flaw

Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced responses, which are lists (multiple entries) of certificate statuses. Subsequently, revoked client certificates may not be properly identified, allowing for users to authenticate wit...

4.3 CVSS | 7.3 AI score | 0.04199 EPSS
Exploits 0 | References 13 | Affected Software 2

UbuntuCve
added 2018/07/31 1:29 p.m. | 29 views

CVE-2018-8020

Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced responses, which are lists (multiple entries) of certificate statuses. Subsequently, revoked client certificates may not be properly identified, allowing for users to authenticate wit...

7.4 CVSS | 7.1 AI score | 0.04199 EPSS
Exploits 0 | References 3

OSV
added 2018/07/31 1:29 p.m. | 1 view

DEBIAN-CVE-2018-8020

Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced responses, which are lists (multiple entries) of certificate statuses. Subsequently, revoked client certificates may not be properly identified, allowing for users to authenticate wit...

7.4 CVSS | 6.9 AI score | 0.04199 EPSS
Exploits 0 | References 1

NVD
added 2018/07/31 1:29 p.m. | 24 views

CVE-2018-8020

Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced responses, which are lists (multiple entries) of certificate statuses. Subsequently, revoked client certificates may not be properly identified, allowing for users to authenticate wit...

7.4 CVSS | 7.3 AI score | 0.04199 EPSS
Exploits 0 | References 13

OSV
added 2018/07/31 1:29 p.m. | 7 views

CVE-2018-8020

Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced responses, which are lists (multiple entries) of certificate statuses. Subsequently, revoked client certificates may not be properly identified, allowing for users to authenticate wit...

7.4 CVSS | 7.4 AI score
Exploits 0 | References 13

NVD
added 2018/07/31 1:29 p.m. | 20 views

CVE-2018-8019

When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to authenticate with revoked certificates when using...

7.4 CVSS | 7.3 AI score | 0.04068 EPSS
Exploits 0 | References 10

OSV
added 2018/07/31 1:29 p.m. | 1 view

UBUNTU-CVE-2018-8019

When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to authenticate with revoked certificates when using...

7.4 CVSS | 6.8 AI score | 0.04068 EPSS
Exploits 0 | References 4

Cvelist
added 2018/07/31 1:0 p.m. | 28 views

CVE-2018-8020

Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced responses, which are lists (multiple entries) of certificate statuses. Subsequently, revoked client certificates may not be properly identified, allowing for users to authenticate wit...

7.3 AI score | 0.04199 EPSS
Exploits 0 | References 13

CVE
added 2018/07/31 1:0 p.m. | 114 views

CVE-2018-8019

CVE-2018-8019 affects OCSP handling in Apache Tomcat Native. Affects Tomcat Native versions 1.2.0–1.2.16 and 1.1.23–1.1.34 where invalid OCSP responses could cause revoked client certificates to be accepted during mutual TLS authentication. Public details indicate vulnerability in OCSP response p...

7.4 CVSS | 7.2 AI score | 0.04068 EPSS
Exploits 0 | References 10 | Affected Software 1

CVE
added 2018/07/31 1:0 p.m. | 110 views

CVE-2018-8020

CVE-2018-8020 affects Apache Tomcat Native 1.2.0–1.2.16 and 1.1.23–1.1.34. The flaw: OCSP pre-produced responses are not properly checked, so revoked client certificates may not be identified in mutual-TLS connections. This vulnerability is explicitly tied to OCSP checking; systems not using OCSP...

7.4 CVSS | 7.2 AI score | 0.04199 EPSS
Exploits 0 | References 13 | Affected Software 1

Debian CVE
added 2018/07/31 1:0 p.m. | 27 views

CVE-2018-8019

When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to authenticate with revoked certificates when using...

7.4 CVSS | 7.5 AI score | 0.04068 EPSS
Exploits 0

Debian CVE
added 2018/07/31 1:0 p.m. | 23 views

CVE-2018-8020

Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced responses, which are lists (multiple entries) of certificate statuses. Subsequently, revoked client certificates may not be properly identified, allowing for users to authenticate wit...

7.4 CVSS | 7.5 AI score | 0.04199 EPSS
Exploits 0

Apache Tomcat
added 2018/07/31 12:0 a.m. | 35 views

Fixed in Apache Tomcat Native Connector 1.2.17

Moderate: Mishandled OCSP invalid response (CVE-2018-8019). When using an OCSP responder Tomcat Native did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to authenticate with revoked certificates...

7.4 CVSS | 7.2 AI score | 0.04199 EPSS
Exploits 0 | Affected Software 1

Citrix
added 2018/07/26 12:0 a.m. | 9 views

"Attach a Smart Card Reader and Insert Your Smart Card to Log On" When Using Certificate Based Authentication in Native Receiver

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. "Attach a Smart Card Reader and Insert Your Smart Card to Log On" when using certificate based...

7.2 AI score
Exploits 0

OSV
added 2018/07/24 8:11 p.m. | 3 views

GHSA-Q75G-2496-MXPP Regular Expression Denial of Service in parsejson

Affected versions of parsejson are vulnerable to a regular expression denial of service when parsing untrusted user input. Recommendation: The parsejson package has not been functionally updated since it was initially released. Additionally, it provides functionality which is natively included in...

7.5 CVSS | 5.8 AI score | 0.01508 EPSS
Exploits 1 | References 4

CNVD
added 2018/07/02 12:0 a.m. | 3 views

Google WebRTC VP9 Out-of-Bounds Memory Access Vulnerability

WebRTC, whose name derives from the acronym Web Real-Time Communication, is a technology that supports real-time voice or video conversations in web browsers. A security vulnerability exists in Google WebRTC VP9. An attacker can exploit the vulnerability to cause Chrome to crash. The vulnerabilit...

6.6 AI score
Exploits 0 | References 1

Tenable Nessus
added 2018/06/21 12:0 a.m. | 51 views

RHEL 7 : glusterfs (RHSA-2018:1954)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1954 advisory. GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance fo...

8.8 CVSS | 7.2 AI score | 0.01284 EPSS
Exploits 0 | References 4