Lucene search
+L

191 matches found

Tenable Nessus
Tenable Nessus
added yesterday2 views

SUSE SLED15 / SLES15 Security Update : sccache (SUSE-SU-2026:3022-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:3022-1 advisory. Update to version 0.15.017. - CVE-2023-26964: hyper,h2: high resource consumption due to stream stacking when ...

9.8CVSS6.2AI score0.01121EPSS
Exploits2References43
SUSE Linux
SUSE Linux
added 2 days ago3 views

Security update for sccache

This update for sccache fixes the following issues: Update to version 0.15.017. CVE-2023-26964: hyper,h2: high resource consumption due to stream stacking when H2 component processes HTTP2 RSTSTREAM frames bsc1210346. CVE-2024-32650: rust-rustls: infinite loop in...

8.7CVSS6.7AI score0.01121EPSS
Exploits2References56
OSV
OSV
added 2 days ago3 views

SUSE-SU-2026:3022-1 Security update for sccache

This update for sccache fixes the following issues: Update to version 0.15.017. - CVE-2023-26964: hyper,h2: high resource consumption due to stream stacking when H2 component processes HTTP2 RSTSTREAM frames bsc1210346. - CVE-2024-32650: rust-rustls: infinite loop in...

9.3CVSS6.2AI score0.01121EPSS
Exploits2References29
Hacker One
Hacker One
added 2026/06/26 8:40 a.m.21 views

curl: mbedTLS / wolfSSL / rustls backends silently skip hostname verification when CURLOPT_SSL_VERIFYPEER=0

Summary When an application sets CURLOPTSSLVERIFYPEER=0 while keeping CURLOPTSSLVERIFYHOST=2 the default, the mbedTLS, wolfSSL, and rustls TLS backends silently skip the hostname-vs-certificate check. The OpenSSL, GnuTLS, and Schannel backends correctly preserve hostname checking under the same...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/05/21 1:18 a.m.69 views

GHSA-PHQJ-4MHP-Q6MQ vulnerabilities

Vulnerabilities for packages: rustls-openssl-client, guestproxyagent, komodo, sccache, bootc, valkey-ldap, rustup, deno, sdp-k8s-injector, typst, sqlx, sentry-cli, rpm-sequoia, ztunnel-fips, vector...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/05/21 1:18 a.m.20 views

CVE-2026-45784 vulnerabilities

Vulnerabilities for packages: rustls-openssl-client, guestproxyagent, komodo, sccache, bootc, valkey-ldap, rustup, deno, sdp-k8s-injector, typst, sqlx, sentry-cli, rpm-sequoia, ztunnel-fips, vector...

5.1AI score0.00019EPSS
Exploits0
Hacker One
Hacker One
added 2026/05/14 10:40 a.m.39 views

curl: rustls backend silently ignores CURLOPT_CRLFILE when native CA store is active

Hi all, When the rustls backend is configured to use the OS native CA store --ca-native / CURLSSLOPTNATIVECA, any CRL file supplied via --crlfile / CURLOPTCRLFILE is silently ignored. The option is accepted — CURLEOK from curleasysetopt, exit 0 from the command line — and revoked certificates pas...

5.8AI score
Exploits0
Hacker One
Hacker One
added 2026/05/13 11:33 p.m.43 views

curl: TLS verifyhost bypass in rustls, mbedTLS, and wolfSSL when verifypeer=0

The now-well-known CURLOPTSSLVERIFYHOST-bypass-when-CURLOPTSSLVERIFYPEER=0 defect exists in three of curl's TLS backends: rustls EXPERIMENTAL, mbedTLS, and wolfSSL DNS hostnames only. The documented contract at docs/libcurl/opts/CURLOPTSSLVERIFYPEER.md:57-59: The check that the host name in the...

5.8CVSS6.5AI score0.04866EPSS
Exploits0
Hacker One
Hacker One
added 2026/05/06 9:23 p.m.37 views

curl: CURLOPT_PROXY_CRLFILE / CURLOPT_PROXY_ISSUERCERT / CURLOPT_PROXY_ISSUERCERT_BLOB silently ignored on backends that don't support them

From the Mythos report 2026-05-06 F1. CURLOPTPROXYCRLFILE / CURLOPTPROXYISSUERCERT / CURLOPTPROXYISSUERCERTBLOB silently ignored on backends that don't support them — severity Low https://github.com/curl/curl/blob/455bebc2c7/lib/setopt.cL1786-L1797...

6.5CVSS6.5AI score0.01299EPSS
Exploits3
Chainguard
Chainguard
added 2026/05/06 7:17 p.m.15 views

CVE-2026-41898 vulnerabilities

Vulnerabilities for packages: rustls-openssl-client, guestproxyagent, komodo, sccache, bootc, valkey-ldap, rustup, deno, sdp-k8s-injector, typst, sqlx, sentry-cli, rpm-sequoia, ztunnel-fips, vector...

8.3CVSS5.1AI score0.0028EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2026/05/04 12:0 a.m.6 views

Security update for himmelblau (moderate)

openSUSE security update: security update for himmelblau ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20658-1 Rating: moderate References: bsc1261324 bsc1261613 Cross-References: CVE-2026-34397 CVSS scores: CVE-2026-34397 SUSE : 6.3...

7.2CVSS5.8AI score0.00158EPSS
Exploits1References2
Fedora
Fedora
added 2026/05/01 3:12 a.m.8 views

[SECURITY] Fedora 44 Update: rust-rustls-webpki-0.103.13-1.fc44

Web PKI X.509 Certificate Verification...

5.2AI score
Exploits0
Fedora
Fedora
added 2026/05/01 3:6 a.m.8 views

[SECURITY] Fedora 43 Update: rust-rustls-webpki-0.103.13-1.fc43

Web PKI X.509 Certificate Verification...

5.2AI score
Exploits0
Fedora
Fedora
added 2026/05/01 1:27 a.m.12 views

[SECURITY] Fedora 42 Update: rust-rustls-webpki-0.103.13-1.fc42

Web PKI X.509 Certificate Verification...

5.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.10 views

Fedora 43 : rust-rustls-webpki (2026-bea616fc84)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-bea616fc84 advisory. Update to version 0.103.13. Addresses RUSTSEC-2026-0098, RUSTSEC-2026-0099, RUSTSEC-2026-0104. Tenable has extracted the preceding description block directly...

5.8AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.12 views

Fedora 42 : rust-rustls-webpki (2026-204499102d)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-204499102d advisory. Update to version 0.103.13. Addresses RUSTSEC-2026-0098, RUSTSEC-2026-0099, RUSTSEC-2026-0104. Tenable has extracted the preceding description block directly...

5.8AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.6 views

Fedora 44 : rust-rustls-webpki (2026-8f36b2341e)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-8f36b2341e advisory. Update to version 0.103.13. Addresses RUSTSEC-2026-0098, RUSTSEC-2026-0099, RUSTSEC-2026-0104. ---- Update to version 0.103.10. Addresses RUSTSEC-2026-0049...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/04/30 5:8 p.m.6 views

OPENSUSE-SU-2026:20658-1 Security update for himmelblau

This update for himmelblau fixes the following issues: Update to version 2.3.9+git0.a9fd29b. Security issues fixed: - CVE-2026-34397: Fixed naming collision that can lead to local privilege escalation bsc1261324. Other updates and bugfixes: - update aws-lc-sys to 0.39.0 for security fixes - updat...

7CVSS5.8AI score0.00158EPSS
Exploits1References3
OSV
OSV
added 2026/04/30 5:6 p.m.18 views

SUSE-SU-2026:21437-1 Security update for himmelblau

This update for himmelblau fixes the following issues: Update to version 2.3.9+git0.a9fd29b. Security issues fixed: - CVE-2026-34397: Fixed naming collision that can lead to local privilege escalation bsc1261324. Other updates and bugfixes: - update aws-lc-sys to 0.39.0 for security fixes - updat...

7CVSS5.8AI score0.00158EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2026/04/24 4:20 p.m.8 views

AskAI (=0.1.0), BiliupApi (>=0.1.0 <=0.1.7) +4020 more potentially affected by unknown CVE via rustls-webpki (>=0.100.3 <=0.102.8)

rustls-webpki CARGO version =0.100.3, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.26, =0.4.0, =0.1.0, =0.21.0-alpha.1, =0.1.11, =0.12.1, =0.13.0 - acme =0.2.1 and more Source cves: unknown CVE Source advisory: OSV:GHSA-82J2-J2CH-GFR8...

5.7AI score
Exploits0
Rows per page
Query Builder