
2016 matches found

CVE
added 2021/08/25 1:24 a.m. | 52 views

CVE-2021-40088

PrimeKey EJBCA CMP RA Mode (versions prior to 7.6.0) can be configured to authenticate enrollments with a known client certificate, and the same certificate is used for revocation requests. The multi-tenancy access check applied during enrollment is not performed during revocation authentication,...

CVSS 5.4 | AI score 5.4 | EPSS 0.00127
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2021/08/25 1:24 a.m. | 15 views

CVE-2021-40088

An issue was discovered in PrimeKey EJBCA before 7.6.0. CMP RA Mode can be configured to use a known client certificate to authenticate enrolling clients. The same RA client certificate is used for revocation requests as well. While enrollment enforces multi tenancy constraints by verifying that...

AI score 5.7 | EPSS 0.00127
Exploits 0 | References 1
CNNVD
added 2021/08/25 12:0 a.m. | 2 views

Primekey Solutions PrimeKey EJBCA Security Vulnerability

Primekey Solutions PrimeKey EJBCA is a full-featured CA system software from Primekey Solutions, Sweden. The software is used for domain certificate management, enrollment and enrollment-to-certificate validation and other functions to achieve access security. A security...

CVSS 5.4 | AI score 5.8 | EPSS 0.00127
Exploits 0 | References 1
Hacker One
added 2021/08/11 2:5 a.m. | 22 views

Shopify: Sensitive data Related to Shopify Host -> https://shopify.zendesk.com/

Description: GitHub is truly an awesome service, but it's unwise to put sensitive data in a public repo, as I found a repo committed 1 hour ago containing sensitive data Credentials && ZRTAPIKEY && JWTSECRET related to this Host - https://shopify.zendesk.com/ leaked publicly in GitHub, and clearly th...

AI score 6.4
Exploits 0
Tenable Nessus
added 2021/08/06 12:0 a.m. | 41 views

Amazon Linux 2 : curl (ALAS-2021-1693)

The version of curl installed on the remote host is prior to 7.76.1-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1693 advisory. A flaw was found in libcurl from versions 7.29.0 through 7.71.1. An application that performs multiple requests with libcurl...

CVSS 7.5 | AI score 6.7 | EPSS 0.00742
Exploits 3 | References 9
CNVD
added 2021/08/03 12:0 a.m. | 6 views

ARM Mbed TLS Trust Management Issues Vulnerability (CNVD-2021-59581)

ARM mbed TLS is a product from ARM UK that provides secure communication and encryption capabilities for mbed products. A security vulnerability exists in Arm Mbed TLS versions prior to 2.24.0 that stems from the program's incorrect use of the revocation date check when it decides whether to revo...

CVSS 5.3 | AI score 6.6 | EPSS 0.00592
Exploits 1 | References 1
OSV
added 2021/07/28 6:8 p.m. | 25 views

GO-2021-0109 Improper handling of token revocation in github.com/ory/fosite

Due to improper error handling, an error with the underlying token storage may cause a user to believe a token has been successfully revoked when it is in fact still valid. An attacker's ability to exploit this relies on an ability to trigger errors in the underlying storage...

CVSS 8 | AI score 7.6 | EPSS 0.00475
Exploits 0 | References 1
NVD
added 2021/07/19 5:15 p.m. | 17 views

CVE-2020-36425

An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock...

CVSS 5.3 | EPSS 0.00592
Exploits 1 | References 7
OSV
added 2021/07/19 5:15 p.m. | 1 views

DEBIAN-CVE-2020-36425

An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock...

CVSS 5.3 | AI score 6 | EPSS 0.00592
Exploits 1 | References 1
OSV
added 2021/07/19 5:15 p.m. | 14 views

CVE-2020-36425

An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock...

CVSS 5.3 | AI score 6.3
Exploits 0 | References 7
UbuntuCve
added 2021/07/19 5:15 p.m. | 31 views

CVE-2020-36425

An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock...

CVSS 5.3 | AI score 6.5 | EPSS 0.00592
Exploits 1 | References 8
Prion
added 2021/07/19 5:15 p.m. | 21 views

Design/Logic Flaw

An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock...

CVSS 4.3 | AI score 5.2 | EPSS 0.00592
Exploits 1 | References 7 | Affected Software 2
OSV
added 2021/07/19 5:15 p.m. | 0 views

UBUNTU-CVE-2020-36425

An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock...

CVSS 5.3 | AI score 7.1 | EPSS 0.00592
Exploits 1 | References 9
OSV
added 2021/07/19 5:15 p.m. | 1 views

UBUNTU-CVE-2020-36426

An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read of one byte...

CVSS 7.5 | AI score 7.3 | EPSS 0.01037
Exploits 0 | References 6
CVE
added 2021/07/19 12:0 a.m. | 79 views

CVE-2020-36425

Arm Mbed TLS before 2.24.0 contains a revocation check flaw for CRLs: it inconsistently honors revocation via CRL by using a revocationDate check, which can be exploited by altering the local clock. This can affect certificate revocation handling. Remediation is to upgrade to version 2.24.0 or la...

CVSS 5.3 | AI score 6.6 | EPSS 0.00592
Exploits 1 | References 7 | Affected Software 1
CNNVD
added 2021/07/19 12:0 a.m. | 3 views

ARM mbed TLS Trust Management Issue Vulnerability

ARM mbed TLS is a product from ARM UK that provides secure communication and encryption capabilities for mbed products. A security vulnerability exists in Arm Mbed TLS versions prior to 2.24.0 that stems from the program's incorrect use of the revocation date check when it decides whether to revo...

CVSS 5.3 | AI score 5.6 | EPSS 0.00592
Exploits 1 | References 9
Cvelist
added 2021/07/19 12:0 a.m. | 20 views

CVE-2020-36425

An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock...

AI score 6.8 | EPSS 0.00592
Exploits 1 | References 7
Debian CVE
added 2021/07/19 12:0 a.m. | 21 views

CVE-2020-36425

An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock...

CVSS 5.3 | AI score 5.3 | EPSS 0.00592
Exploits 1
Oracle linux
added 2021/07/01 12:0 a.m. | 103 views

kernel security and bug fix update

4.18.0-305.7.14.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

CVSS 7.8 | AI score 0.9 | EPSS 0.00134
Exploits 2
Tenable Nessus
added 2021/05/26 12:0 a.m. | 234 views

Oracle Linux 8 : curl (ELSA-2021-1610)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-1610 advisory. - curl: Inferior OCSP verification CVE-2020-8286 - libcurl: FTP wildcard stack overflow CVE-2020-8285 - curl: trusting FTP PASV responses CVE-2020-8284...

CVSS 7.5 | AI score 6.6 | EPSS 0.00742
Exploits 3 | References 5