2016 matches found
CVE-2020-29663
CVE-2020-29663 affects Icinga 2. Versions affected: 2.8.0–2.11.7 and 2.12.2. Root cause: revoked certificates due for renewal are renewed automatically, bypassing the CRL check. Impact: certificate revocation not enforced for renewals (attack surface in TLS trust). Mitigation: upgrade to fixed re...
CVE-2020-29663
Icinga 2 v2.8.0 through v2.11.7 and v2.12.2 has an issue where revoked certificates due for renewal will automatically be renewed, ignoring the CRL. This issue is fixed in Icinga 2 v2.11.8 and v2.12.3...
Unspecified Vulnerability in Mozilla Firefox for Android (CNVD-2021-00394)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Android Firefox that stems from a lack of service initialization and OneCRL being non-functional in the new Android Firefox. This may result in the inability to enfor...
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.
...
CVE-2020-8286
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response...
DEBIAN-CVE-2020-8286
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response...
ALPINE-CVE-2020-8286
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response...
CVE-2020-8286
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response...
Input validation
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response...
CVE-2020-8286
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response...
CVE-2020-8286
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response...
CVE-2020-8286
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response...
CVE-2020-8286
The CVE-2020-8286 issue affects curl/libcurl where OCSP responses were not verified correctly against the certificate, leaving room for fraudulent OCSP responses to appear valid and potentially bypass revocation checks. Reported range: curl versions 7.41.0 through 7.73.0. Impact phrasing in cited...
Vulnerability fixed in OpenSSL
A vulnerability has been fixed in OpenSSL. When a remote malicious party manages to provide a rogue certificate and a rogue certificate-revocation-list manages to offer them to an ssl server or ssl client, a denial-of-service can be caused by doing so. OpenSSL has released updates to fix the...
CVE-2020-26957
OneCRL was non-functional in the new Firefox for Android due to a missing service initialization. This could result in a failure to enforce some certificate revocations. Note: This issue only affected Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox...
UBUNTU-CVE-2020-26957
OneCRL was non-functional in the new Firefox for Android due to a missing service initialization. This could result in a failure to enforce some certificate revocations. Note: This issue only affected Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox...
CVE-2020-26957
CVE-2020-26957 : OneCRL was non-functional in the new Firefox for Android due to a missing service initialization, potentially causing failure to enforce certain certificate revocations. Affected product/variant: Firefox on Android (Firefox
CVE-2020-26957
OneCRL was non-functional in the new Firefox for Android due to a missing service initialization. This could result in a failure to enforce some certificate revocations. Note: This issue only affected Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox...
CVE-2020-8286
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response...
UBUNTU-CVE-2020-8286
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response...