Lucene search
K

719 matches found

EUVD
EUVD
added 2026/04/01 9:30 p.m.3 views

EUVD-2026-18064

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session...

5.9AI score0.00241EPSS
Exploits0References3
NVD
NVD
added 2026/04/01 9:17 p.m.8 views

CVE-2026-34873

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session...

9.1CVSS0.00241EPSS
Exploits0References2
OSV
OSV
added 2026/04/01 9:17 p.m.4 views

DEBIAN-CVE-2026-34873

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session...

9.1CVSS5.2AI score0.00241EPSS
Exploits0References1
OSV
OSV
added 2026/04/01 9:17 p.m.7 views

UBUNTU-CVE-2026-34873

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session...

9.1CVSS5.8AI score0.00241EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/04/01 9:17 p.m.14 views

CVE-2026-34873

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session...

9.1CVSS5.9AI score0.00241EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/04/01 10:19 a.m.6 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.5AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/04/01 9:29 a.m.12 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.5AI score0.00765EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.8 views

TencentOS Server 3: osbuild-composer (TSSA-2026:0204)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0204 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

10CVSS6.9AI score0.01945EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.8 views

TencentOS Server 3: git-lfs (TSSA-2026:0203)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0203 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

10CVSS6.9AI score0.01945EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.7 views

PT-2026-29611

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session...

9.1CVSS5.9AI score0.00426EPSS
Exploits0References14
CVE
CVE
added 2026/04/01 12:0 a.m.27 views

CVE-2026-34873

Summary: CVE-2026-34873 affects Mbed TLS 3.5.0–4.0.0, enabling client impersonation during TLS 1.3 session resumption. Impact (per CVE): Confidentiality and integrity may be affected (CRITICAL/9.1 CVSS). Root cause (as described): vulnerability arises during TLS 1.3 session resumption with the Mb...

9.1CVSS5.9AI score0.00241EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/04/01 12:0 a.m.2 views

Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

Overview Affected versions of this package are vulnerable to Selection of Less-Secure Algorithm During Negotiation 'Algorithm Downgrade' in the TLS 1.3 session resumption logic if the subsequent ClientHello negotiates TLS 1.2 back. An attacker can gain unauthorized access by impersonating a...

9.1CVSS5.8AI score0.00241EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/01 12:0 a.m.28 views

CVE-2026-34873

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session...

0.00241EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/04/01 12:0 a.m.4 views

CVE-2026-34873

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session...

9.1CVSS5.2AI score0.00241EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.5 views

RHEL 9 : OpenShift Container Platform 4.19.27 (RHSA-2026:5876)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5876 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

10CVSS6.8AI score0.00765EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/03/31 4:23 p.m.11 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.5AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/03/31 4:23 p.m.10 views

Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update

An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

10CVSS6.8AI score0.01945EPSS
Exploits2References6
RedHat Linux
RedHat Linux
added 2026/03/31 4:12 p.m.8 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.5AI score0.00765EPSS
Exploits1References8
OSV
OSV
added 2026/03/27 12:7 p.m.5 views

RLSA-2026:5146 Important: yggdrasil security update

yggdrasil is a system daemon that subscribes to topics on an MQTT broker and routes any data received on the topics to an appropriate child "worker" process, exchanging data with its worker processes through a D-Bus message broker. Security Fixes: crypto/x509: golang: Denial of Service due to...

7.5CVSS7.2AI score0.01945EPSS
Exploits3References4
Rockylinux
Rockylinux
added 2026/03/27 12:7 p.m.6 views

yggdrasil security update

An update is available for yggdrasil. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list yggdrasil is a system daemon that subscribes to topics on an MQTT broker a...

10CVSS6AI score0.01945EPSS
Exploits3
Rows per page
Query Builder