Lucene search
K

84 matches found

NVD
NVD
added 2026/06/22 9:16 p.m.10 views

CVE-2026-55599

phpseclib is a PHP secure communications library. From 0.1.1 until 1.0.30, 2.0.55, and 3.0.54, when an application validates an untrusted X.509 certificate with phpseclib, X509::validateSignature reads a URL out of that certificate's Authority Information Access AIA extension and connects to it...

5.8CVSS0.00133EPSS
Exploits1References1
OSV
OSV
added 2026/06/22 9:16 p.m.2 views

UBUNTU-CVE-2026-55599

phpseclib is a PHP secure communications library. From 0.1.1 until 1.0.30, 2.0.55, and 3.0.54, when an application validates an untrusted X.509 certificate with phpseclib, X509::validateSignature reads a URL out of that certificate's Authority Information Access AIA extension and connects to it...

5.8CVSS5.9AI score0.00133EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-42327

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from...

8.7CVSS5.9AI score0.00211EPSS
Exploits0References3
OSV
OSV
added 2026/05/14 9:16 p.m.6 views

UBUNTU-CVE-2026-42327

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce th...

8.7CVSS5.9AI score0.00211EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/14 8:17 p.m.8 views

CVE-2026-42327

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce th...

8.7CVSS5.9AI score0.00211EPSS
Exploits0
CVE
CVE
added 2026/05/14 8:17 p.m.31 views

CVE-2026-42327

The CVE-2026-42327 vulnerability affects rust-openssl bindings for OpenSSL, where X509Ref::ocsp_responders returns OCSP responder URLs from the AIA extension. In versions 0.9.7 through before 0.10.79, the code constructs &str from IA5String bytes using an unchecked UTF-8 assumption, allowing non-...

8.7CVSS5.9AI score0.00211EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/14 8:17 p.m.7 views

CVE-2026-42327

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce th...

8.7CVSS5.9AI score0.00211EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/05 9:46 p.m.7 views

GHSA-XP3W-R5P5-63RR rust-openssl has undefined behavior in X509Ref::ocsp_responders for certificates with non-UTF-8 OCSP URLs

X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce that the underlying IA5String is ASCII, so a certificate with non-UTF-8 bytes in its OCSP accessLocation...

8.7CVSS5.9AI score0.00211EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/05 9:46 p.m.10 views

rust-openssl has undefined behavior in X509Ref::ocsp_responders for certificates with non-UTF-8 OCSP URLs

X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce that the underlying IA5String is ASCII, so a certificate with non-UTF-8 bytes in its OCSP accessLocation...

8.7CVSS5.9AI score0.00211EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.14 views

PT-2026-37265

Name of the Vulnerable Software and Affected Versions rust-openssl versions 0.9.7 through 0.10.78 Description The X509Ref::ocsp responders function returns OCSP responder URLs from a certificate's AIA extension as OpensslString. The Deref implementation wraps raw bytes using str::from utf8...

8.7CVSS5.9AI score0.00211EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/02/04 12:0 a.m.7 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : OpenJDK 25 vulnerabilities (USN-7995-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7995-1 advisory. It was discovered that the RMI component of OpenJDK 25 would establish RMI TCP endpoint connections to a remote host without setting ...

7.5CVSS6.5AI score0.00864EPSS
Exploits1References5
Ubuntu
Ubuntu
added 2026/02/03 12:56 a.m.8 views

USN-7998-1: OpenJDK 17 vulnerabilities

It was discovered that the RMI component of OpenJDK 17 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

7.5CVSS6AI score0.00864EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.5 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : OpenJDK 21 vulnerabilities (USN-8002-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8002-1 advisory. It was discovered that the RMI component of OpenJDK 21 would establish RMI TCP endpoint connections to a remote host...

7.5CVSS6.1AI score0.00864EPSS
Exploits1References5
Ubuntu
Ubuntu
added 2026/02/02 11:31 p.m.7 views

USN-8002-1: OpenJDK 21 vulnerabilities

It was discovered that the RMI component of OpenJDK 21 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

7.5CVSS6AI score0.00864EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/02/02 11:25 p.m.7 views

USN-8001-1: OpenJDK 11 vulnerabilities

It was discovered that the RMI component of OpenJDK 11 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

7.5CVSS6AI score0.00864EPSS
Exploits1
OSV
OSV
added 2026/02/02 11:25 p.m.12 views

USN-8001-1 openjdk-lts vulnerabilities

It was discovered that the RMI component of OpenJDK 11 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

7.5CVSS6.6AI score0.00864EPSS
Exploits1References5
Ubuntu
Ubuntu
added 2026/02/02 11:2 p.m.15 views

USN-8000-1: OpenJDK 8 vulnerabilities

It was discovered that the RMI component of OpenJDK 8 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

7.5CVSS6AI score0.00864EPSS
Exploits1
OSV
OSV
added 2026/02/02 11:2 p.m.6 views

USN-8000-1 openjdk-8 vulnerabilities

It was discovered that the RMI component of OpenJDK 8 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

7.5CVSS6.6AI score0.00864EPSS
Exploits1References5
OSV
OSV
added 2026/02/02 6:5 p.m.5 views

USN-7996-1 openjdk-25-crac vulnerabilities

It was discovered that the RMI component of CRaC JDK 25 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

7.5CVSS6.6AI score0.00864EPSS
Exploits1References5
OSV
OSV
added 2026/02/02 5:59 p.m.8 views

USN-7995-1 openjdk-25 vulnerabilities

It was discovered that the RMI component of OpenJDK 25 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

7.5CVSS6.6AI score0.00864EPSS
Exploits1References5
Rows per page
Query Builder