Lucene search
K

13 matches found

Snyk
Snyk
added 5 days ago4 views

Authentication Bypass by Primary Weakness

Overview Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness in the connection pool process. An attacker can bypass intended certificate validation by reusing a handle that initially used the default native CA trust and then switching it to custom CA...

9.1CVSS6AI score0.00479EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.5 views

libcurl 8.17.0 < 8.21.0 Native CA Trust Persist

The version of libcurl installed on the remote host is 8.17.0 prior to 8.21.0. It is, therefore, affected by an improper certificate validation vulnerability: - An easy handle that first uses default native CA trust can continue trusting the native platform store after the application switches th...

9.1CVSS5.9AI score0.00479EPSS
Exploits1References2
Hacker One
Hacker One
added 2026/06/08 8:24 a.m.8 views

curl: CVE-2026-11564: Native CA trust persist

A vulnerability was discovered in the libcurl library where a native CA trust could persist after an easy handle switches to custom CA material. The vulnerability was found to affect builds of libcurl that enable the native CA trust feature. The issue stemmed from the fact that the library did no...

9.1CVSS5.8AI score0.00479EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2026/05/06 8:38 p.m.10 views

CVE-2026-40243

Incus is a system container and virtual machine manager. In versions before 7.0.0, broken TLS validation logic in the OVN database connection logic can allow connections to an attacker's OVN database. The OVN client implementations disable Go standard TLS server verification and replace it with...

4.8CVSS5.8AI score0.00173EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2026/05/04 7:8 p.m.14 views

Incus has an OVN TLS Verification that Accepts Peer-Supplied Roots

Summary Broken TLS validation logic in the OVN database connection logic could allow connections to an attacker's OVN database. OVN uses mTLS for authentication, so the attacker cannot actually perform a full man in the middle attack as they won't be able to authenticated with the real OVN...

4.8CVSS5.8AI score0.00173EPSS
Exploits1References7Affected Software1
Rockylinux
Rockylinux
added 2024/09/17 12:55 a.m.46 views

ca-certificates bug fix and enhancement update

An update is available for ca-certificates. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The ca-certificates package contains a set of Certificate Authority C...

9.8CVSS7AI score0.00468EPSS
Exploits0
Rockylinux
Rockylinux
added 2023/09/19 12:10 p.m.42 views

ca-certificates bug fix and enhancement update

An update is available for ca-certificates. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The ca-certificates package contains a set of Certificate Authority C...

6.9AI score
Exploits0
Rockylinux
Rockylinux
added 2022/09/13 7:37 a.m.31 views

ca-certificates bug fix and enhancement update

An update is available for ca-certificates. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The ca-certificates package contains a set of Certificate Authority C...

1.2AI score
Exploits0
Github Security Blog
Github Security Blog
added 2021/11/24 9:11 p.m.32 views

Improper certificate management in AWS IoT Device SDK v2

Connections initialized by the AWS IoT Device SDK v2 for Java versions prior to 1.4.2, Python versions prior to 1.6.1, C++ versions prior to 1.12.7 and Node.js versions prior to 1.5.3 did not verify server certificate hostname during TLS handshake when overriding Certificate Authorities CA in the...

8.8CVSS3.7AI score0.00375EPSS
Exploits0References9Affected Software3
OSV
OSV
added 2021/02/12 10:37 a.m.6 views

SUSE-SU-2021:0448-1 Security update for SUSE Manager Server 4.0

This update fixes the following issues: cpu-mitigations-formula: - Handle unsupported target systems gracefully bsc1179273 - add mitigations for Xen hypervisor nutch-core: - Fix XXE injection in DmozParser CVE-2021-23901 bsc1181356 smdba: - Do not remove the database if there is no backup and dea...

9.1CVSS9.5AI score0.04359EPSS
Exploits0References30
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.15 views

Fedora 28 : ca-certificates (2018-6d91fc0518)

This is an update to version 2.24 of the Mozilla CA trust list, which has been published as part of the NSS 3.37 release. Please refer to the upstream release notes for the changes: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS3.37 releasenotes Note that Tenable Network Securi...

5.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2011/11/10 12:0 a.m.20 views

Debian DSA-2343-1 : openssl - CA trust revocation

Several weak certificates were issued by Malaysian intermediate CA'Digicert Sdn. Bhd.' This event, along with other issues, has lead to Entrust Inc. and Verizon Cybertrust to revoke the CA's cross-signed certificates. This update to OpenSSL, a Secure Sockets Layer toolkit, reflects this decision ...

5.4AI score
Exploits0References2
OSV
OSV
added 2011/11/09 12:0 a.m.14 views

DSA-2343-1 openssl - CA trust revocation

Bulletin has no description...

7.2AI score
Exploits0
Rows per page
Query Builder