Lucene search
K

298 matches found

OSV
OSV
added 2021/05/24 6:12 p.m.18 views

GHSA-4F68-49QQ-H392 Improper certificate validation in em-imap

em-imap 0.5 and earlier use the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified...

7.4CVSS7.2AI score0.00751EPSS
Exploits1References4
RubySec
RubySec
added 2021/05/24 12:0 a.m.21 views

Improper certificate validation in em-imap

em-imap 0.5 and earlier use the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified...

7.4CVSS5.1AI score0.00751EPSS
Exploits1References1
RubySec
RubySec
added 2021/05/24 12:0 a.m.18 views

Improper Certificate Validation in EM-HTTP-Request

EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified...

7.4CVSS5AI score0.00905EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/05/21 8:15 p.m.31 views

Design/Logic Flaw

It was found that various OpenID Providers OPs had TLS Server Certificates that used weak keys, as a result of the Debian Predictable Random Number Generator CVE-2008-0166. In combination with the DNS Cache Poisoning issue CVE-2008-1447 and the fact that almost all SSL/TLS implementations do not...

4.3CVSS6.5AI score0.95182EPSS
Exploits28References2
RustSec
RustSec
added 2021/05/01 12:0 p.m.43 views

CA certificate check bypass with X509_V_FLAG_X509_STRICT

The X509VFLAGX509STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...

7.4CVSS1.3AI score0.18339EPSS
Exploits1Affected Software1
OSV
OSV
added 2021/05/01 12:0 p.m.110 views

RUSTSEC-2021-0056 CA certificate check bypass with X509_V_FLAG_X509_STRICT

The X509VFLAGX509STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...

7.4CVSS7.5AI score0.18339EPSS
Exploits1References3
RustSec
RustSec
added 2021/05/01 12:0 p.m.43 views

NULL pointer deref in signature_algorithms processing

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension where it was present in the initial ClientHello, but includes a signaturealgorithmscert extension then a NU...

5.9CVSS2.7AI score0.62906EPSS
Exploits3Affected Software1
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.37 views

SUSE: Security Advisory (SUSE-SU-2020:0454-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.57132EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2021/04/14 12:0 a.m.56 views

Oracle Linux 8 : openssl (ELSA-2021-1024)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-1024 advisory. - CVE-2021-3450 openssl: CA certificate check bypass with X509VFLAGX509STRICT Tenable has extracted the preceding description block directly from the...

7.4CVSS7.9AI score0.62906EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2021/04/09 12:0 a.m.57 views

Tenable.sc 5.16.0 / 5.17.0 OpenSSL DoS (TNS-2021-06)

According to its self-reported version, the Tenable.sc application installed on the remote host is version 5.16.0 or 5.17.0 and affected by the following OpenSSL denial of service vulnerability: - An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from...

5.9CVSS7.7AI score0.62906EPSS
Exploits3References3
Mageia
Mageia
added 2021/04/05 3:54 p.m.78 views

Updated openssl packages fix security vulnerability

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension where it was present in the initial ClientHello, but includes a signaturealgorithmscert extension then a NU...

7.4CVSS1.7AI score0.62906EPSS
Exploits4References2
OSV
OSV
added 2021/04/05 3:54 p.m.11 views

MGASA-2021-0176 Updated openssl packages fix security vulnerability

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension where it was present in the initial ClientHello, but includes a signaturealgorithmscert extension then a NU...

7.4CVSS6.5AI score0.62906EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2021/03/26 12:0 a.m.45 views

SUSE SLES12 Security Update : openssl-1_1 (SUSE-SU-2021:0954-1)

This update for openssl-11 fixes the following security issue : CVE-2021-3449: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension but includes a...

5.9CVSS7.7AI score0.62906EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2021/03/26 12:0 a.m.51 views

openSUSE Security Update : openssl-1_1 (openSUSE-2021-476)

This update for openssl-11 fixes the security issue : - CVE-2021-3449: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension but includes a signaturealgorithmsce...

5.9CVSS7.7AI score0.62906EPSS
Exploits3References2
OSV
OSV
added 2021/03/25 10:6 p.m.13 views

OPENSUSE-SU-2021:0476-1 Security update for openssl-1_1

This update for openssl-11 fixes the security issue: CVE-2021-3449: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension but includes a signaturealgorithmscert...

5.9CVSS7.5AI score0.62906EPSS
Exploits3References3
NVD
NVD
added 2021/03/25 3:15 p.m.19 views

CVE-2021-3449

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension where it was present in the initial ClientHello, but includes a signaturealgorithmscert extension then a NU...

5.9CVSS0.62906EPSS
Exploits3References29
Prion
Prion
added 2021/03/25 3:15 p.m.42 views

Null pointer dereference

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension where it was present in the initial ClientHello, but includes a signaturealgorithmscert extension then a NU...

4.3CVSS6.5AI score0.62906EPSS
Exploits3References28Affected Software68
OSV
OSV
added 2021/03/25 3:11 p.m.7 views

SUSE-SU-2021:0955-1 Security update for openssl-1_1

This update for openssl-11 fixes the security issue: CVE-2021-3449: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension but includes a signaturealgorithmscert...

5.9CVSS6.5AI score0.62906EPSS
Exploits3References3
OSV
OSV
added 2021/03/25 3:11 p.m.7 views

SUSE-SU-2021:0954-1 Security update for openssl-1_1

This update for openssl-11 fixes the following security issue: CVE-2021-3449: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension but includes a...

5.9CVSS6.5AI score0.62906EPSS
Exploits3References3
Cvelist
Cvelist
added 2021/03/25 2:25 p.m.34 views

CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT

The X509VFLAGX509STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...

7.6AI score0.18339EPSS
Exploits1References24
Rows per page
Query Builder