Lucene search
K

10 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

OpenSSL 异常处理不当漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

7.5CVSS5.9AI score0.00419EPSS
Exploits0References3
CVE
CVE
added 2026/06/08 3:22 p.m.58 views

CVE-2026-44185

CVE-2026-44185 describes a buffer over-read in Apache HTTP Server when handling outbound OCSP requests to an attacker-controlled OCSP server. Affected versions are 2.4.0 through 2.4.67. The vulnerability is associated with the OCSP handling path (mod_ssl OCSP send_request) and can enable an attac...

7.3CVSS5.4AI score0.00598EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.13 views

openSUSE 16 Security Update : tomcat (openSUSE-SU-2026:20611-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20611-1 advisory. - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. -...

9.1CVSS5.6AI score0.21691EPSS
Exploits7References31
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.8 views

openSUSE 16 Security Update : tomcat11 (openSUSE-SU-2026:20595-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20595-1 advisory. - Update to Tomcat 11.0.21 - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open...

9.1CVSS5.8AI score0.21691EPSS
Exploits7References31
Snyk
Snyk
added 2026/04/08 9:0 p.m.4 views

Improper Authentication

Overview org.apache.tomcat:tomcat-coyote is a Tomcat Connectors and HTTP parser. Affected versions of this package are vulnerable to Improper Authentication in processOCSPRequest, which is part of the the CLIENTCERT authentication process. An attacker can trigger a soft-fail of OCSP checks when...

9.1CVSS5.8AI score0.00715EPSS
Exploits1References2
Apache Tomcat
Apache Tomcat
added 2026/03/23 12:0 a.m.8 views

Fixed in Apache Tomcat 10.1.53

Moderate: The fix forCVE-2025-66614 was incomplete CVE-2026-32990 The validation of SNI name and host name did not take account of possible differences in case allowing the strict SNI checks to be bypassed. This was fixed with commit 4d0615a5. This issue was reported to the Tomcat security team o...

9.1CVSS6.7AI score0.0504EPSS
Exploits2Affected Software1
Apache Tomcat
Apache Tomcat
added 2026/03/20 12:0 a.m.13 views

Fixed in Apache Tomcat 11.0.20

Moderate: The fix forCVE-2025-66614 was incomplete CVE-2026-32990 The validation of SNI name and host name did not take account of possible differences in case allowing the strict SNI checks to be bypassed. This was fixed with commit 021d1f83. This issue was reported to the Tomcat security team o...

9.1CVSS6.7AI score0.0504EPSS
Exploits2Affected Software1
RedHat Linux
RedHat Linux
added 2022/07/01 1:32 a.m.4 views

Mozilla: Unavailable PAC file resulted in OCSP requests being blocked

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that if a PAC URL was set and the server that hosts the PAC was not reachable, OCSP requests are blocked, resulting in incorrect error pages being shown...

4.3CVSS7.3AI score0.0058EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/07/01 1:31 a.m.3 views

Mozilla: Unavailable PAC file resulted in OCSP requests being blocked

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that if a PAC URL was set and the server that hosts the PAC was not reachable, OCSP requests are blocked, resulting in incorrect error pages being shown...

4.3CVSS7.3AI score0.0058EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/03/07 3:9 p.m.8 views

tomcat-native: Mishandling of client certificates can allow for OCSP check bypass

When parsing the AIA-Extension field of a client certificate, Apache Tomcat Native Connector 1.2.0 to 1.2.14 and 1.1.23 to 1.1.34 did not correctly handle fields longer than 127 bytes. The result of the parsing error was to skip the OCSP check. It was therefore possible for client certificates th...

5.9CVSS7.3AI score0.03594EPSS
Exploits0References4
Rows per page
Query Builder