4 matches found
CVE-2025-6037
A flaw was found in github.com/hashicorp/vault. The TLS certificate authentication method fails to properly validate client certificates when a non-CA certificate is designated as trusted. This vulnerability enables an attacker with a manipulated certificate to evade authentication and impersonat...
CVE-2025-6037
Vault and Vault Enterprise “Vault” TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as +trusted certificate+|https://developer.hashicorp.com/vault/api-docs/auth/certcertificate. In this configuration, an attacker may be able to...
Advisory ROSA-SA-2025-2688
Software: perl 0.074 OS: ROSA Virtualization 3.0 packageevrstring: perl-0.074-2 CVE-ID: CVE-2023-31486 BDU-ID: 2023-03872 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Perl HTTP::Tiny programming language library is related to errors in the TLS certificate authentication procedure. Exploitatio...
Jenkins Proxmox Plugin Trust Management Issue Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.Jenkins Proxmox Plugin 0.6.0 and earlier...