If the user added a security exception for an invalid TLS certificate, opened an ongoing TLS connection with a server that used that certificate, and then deleted the exception, Firefox would have kept the connection alive, making it seem like the certificate was still trusted. This vulnerability affects Firefox < 107.

...

Linux Distros Unpatched Vulnerability : CVE-2022-45419

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If the user added a security exception for an invalid TLS certificate, opened an ongoing TLS connection with a server that used that certificate, and then delet...

CVE-2022-45419

If the user added a security exception for an invalid TLS certificate, opened an ongoing TLS connection with a server that used that certificate, and then deleted the exception, Firefox would have kept the connection alive, making it seem like the certificate was still trusted. This vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2020-26117

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. They store the certificates as...

ROS-20230615-04

The vulnerability in Mozilla Firefox and Firefox ESR browsers is related to an operation exceeding buffer boundaries in memory. memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code Vulnerability in Mozilla Firefox browser is related to...

SUSE-SU-2020:2482-1 Security update for java-1_7_1-ibm

This update for java-171-ibm fixes the following issues: - Update to Java 7.1 Service Refresh 4 Fix Pack 70 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 Class Libraries: - UPDATE TIMEZONE INFORMATION TO TZDATA2020A...

SUSE-SU-2020:14484-1 Security update for java-1_7_1-ibm

This update for java-171-ibm fixes the following issues: - Update to Java 7.1 Service Refresh 4 Fix Pack 70 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 Class Libraries: - UPDATE TIMEZONE INFORMATION TO TZDATA2020A...

SUSE-SU-2020:14482-1 Security update for java-1_7_0-ibm

This update for java-170-ibm fixes the following issues: - Update to Java 7.0 Service Refresh 10 Fix Pack 70 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 Class Libraries: - TRANSLATION MESSAGES UPDATE FOR JCL -...

Invalid Character in Amazon S3 Bucket Name

Challenge When adding/editing an object storage repository and selecting or creating a folder in the Amazon S3 bucket, the following error occurs: Could not establish trust relationship for the SSL/TLS secure channel. Applicable to build 4.0.0.1553. Exception of type...

Clickjacking of certificate warning page — Mozilla

Security Researcher Matt McCutchen reported that a clickjacking attack using the certificate warning page. A man-in-the-middle MITM attacker can use an iframe to display its own certificate error warning page about:certerror with the "Add Exception" button of a real warning page from a malicious...