6 matches found
EUVD-2026-30042
aria2c accepts a server certificate with incorrect Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
CVE-2026-8367
aria2c accepts a server certificate with incorrect Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
UBUNTU-CVE-2026-8367
aria2c accepts a server certificate with incorrect Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
PT-2026-40700
aria2c accepts a server certificate with incorrect Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
The vulnerability of the aria2c download utility’s aria2 component, which allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the aria2c download utility’s aria2 component relates to the disclosure of information through registration files. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
Default credentials
aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file...