30 matches found
PT-2026-26601
Name of the Vulnerable Software and Affected Versions: Traefik versions 2.11.40 and below; Traefik versions 3.0.0-beta1 through 3.6.11; Traefik version 3.7.0-ea.1. Description: Traefik, an HTTP reverse proxy and load balancer, is susceptible to a mutual TLS (mTLS) bypass. This occurs due to a flaw in th...
EUVD-2020-12713
Malware in sbrugna...
EUVD-2017-6591
Malware in sbrugna...
Unity Linux 20.1070e Security Update: httpd (UTSA-2025-987457)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987457 advisory. Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into lo...
EUVD-2022-26055
Malicious code in bioql PyPI...
httpd: insufficient escaping of user-supplied data in mod_ssl
A vulnerability was found in the Apache HTTP Server. Insufficient escaping of user-supplied data in mod_ssl allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%{varname}x" or "%{varname}c" to...
AZL-65172 CVE-2024-47252 affecting package httpd for versions less than 2.4.64-1
Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%{varname}x" or "%{varname}c" to log variables...
CVE-2020-1887
Incorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could allow an attacker to MITM osquery traffic in the absence of a configured root chain of trust...
io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support
A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading...
PT-2024-3092 · Envoy +1 · Envoy +1
Name of the Vulnerable Software and Affected Versions: Envoy versions prior to 1.27.5; Envoy versions prior to 1.28.3; Envoy versions prior to 1.29.4; Envoy versions prior to 1.30.1. Description: The issue arises when an upstream TLS cluster is used with auto_sni enabled and a request contains a...
GHSA-9PH3-V2VH-3QX7 Eclipse Vert.x vulnerable to a memory leak in TCP servers
A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading...
PT-2024-7970 · Eclipse · Eclipse Vert.X
Name of the Vulnerable Software and Affected Versions: Eclipse Vert.x affected versions not specified Description: A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name, the default...
PT-2022-2551 · Cisco · Cisco Umbrella Secure Web Gateway
Name of the Vulnerable Software and Affected Versions: Cisco Umbrella Secure Web Gateway (SWG), affected versions not specified. Description: A vulnerability in the automatic decryption process could allow an authenticated, adjacent attacker to bypass the SSL decryption and content filtering policies...
OPENSUSE-SU-2020:1505-1 Security update for libetpan
This update for libetpan fixes the following issues: Update to 1.9.4 (boo1174579, CVE-2020-15953): bugfixes on QUOTA; various warning fixes & build fixes. Update to version 1.9.3: added IMAP CLIENTID / SMTP CLIENTID support; use Cyrus SASL 2.1.27. Update to version 1.9.2: support of TLS SNI; LMDB for cache...
openSUSE Security Update : libetpan (openSUSE-2020-1454)
This update for libetpan fixes the following issues: Update to 1.9.4 (boo1174579, CVE-2020-15953): - Bugfixes on QUOTA - Various warning fixes & build fixes Update to version 1.9.3 - Added IMAP CLIENTID / SMTP CLIENTID support - Use Cyrus SASL 2.1.27 Update to version 1.9.2 - Support of TLS SNI -...
OPENSUSE-SU-2020:1454-1 Security update for libetpan
This update for libetpan fixes the following issues: Update to 1.9.4 (boo1174579, CVE-2020-15953): bugfixes on QUOTA; various warning fixes & build fixes. Update to version 1.9.3: added IMAP CLIENTID / SMTP CLIENTID support; use Cyrus SASL 2.1.27. Update to version 1.9.2: support of TLS SNI; LMDB for cache...
Security update for libetpan (moderate)
openSUSE Security Update: Security update for libetpan. Announcement ID: openSUSE-SU-2020:1454-1; Rating: moderate; References: 1174579; Cross-References: CVE-2020-15953; Affected Products: openSUSE Leap 15.2. An update that fixes one vulnerability is now available. Description: This update for libetpa...
Facebook osquery trust management issue vulnerability
Facebook osquery is a SQL-based, open-source operating system detection and monitoring framework from Facebook Inc. in the United States. A trust management issue vulnerability exists in Facebook osquery versions 2.9.0 through 4.2.0 excluding versions 2.9.0 and 4.2.0, which stems from the program...