67 matches found
CVE-2017-1000416
CVE-2017-1000416 concerns axTLS 1.5.3, where a coding error in the ASN.1 parser causes the UTCTime year (19)50 to be misinterpreted as 2050. The available sources describe the issue and its manifestation but do not specify affected products beyond axTLS 1.5.3, nor provide remediation steps or exp...
CVE-2017-1000416
Removed by vendor...
CVE-2014-0139
cURL and libcurl 7.1 before 7.36.0, when using the OpenSSL, axtls, qsossl or gskit libraries for TLS, recognize a wildcard IP address in the subject's Common Name CN field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certifica...
CVE-2014-0139
CVE-2014-0139 affects curl/libcurl up to version 7.36.0 when using TLS with OpenSSL, axtls, qsossl or gskit. The vulnerability arises from how the hostname validation handles wildcard characters in the certificate’s Common Name (CN); a crafted certificate could allow MITM spoofing of SSL servers....
CVE-2014-0139
cURL and libcurl 7.1 before 7.36.0, when using the OpenSSL, axtls, qsossl or gskit libraries for TLS, recognize a wildcard IP address in the subject's Common Name CN field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certifica...
CVE-2014-0139
cURL and libcurl 7.1 before 7.36.0, when using the OpenSSL, axtls, qsossl or gskit libraries for TLS, recognize a wildcard IP address in the subject's Common Name CN field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certifica...
CVE-2014-0139
cURL and libcurl 7.1 before 7.36.0, when using the OpenSSL, axtls, qsossl or gskit libraries for TLS, recognize a wildcard IP address in the subject's Common Name CN field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certifica...