Lucene search
+L

7 matches found

osv
osv
added 2026/06/30 11:39 p.m.3 views

BIT-ENVOY-2026-47778 Envoy: Embedded NUL in TLS DNS SAN Truncation in the Default TLS Certificate Validator. (Auth Bypass)

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a structural flaw was identified in DefaultCertValidator::verifySubjectAltName where the extracted DNS SAN string is cast to a C-style string using .cstr before bei...

4.4CVSS5.8AI score0.00212EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-3974

Malware in sbrugna...

7.2CVSS7AI score0.00581EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/22 5:25 p.m.5 views

CVE-2020-11629

An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. The External Command Certificate Validator, which allows administrators to upload external linters to validate certificates, is supposed to save uploaded test certificates to the server. An attacker who has gained access to...

7.2CVSS7AI score0.00581EPSS
Exploits0References1
nvd
nvd
added 2020/04/08 12:15 a.m.24 views

CVE-2020-11629

An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. The External Command Certificate Validator, which allows administrators to upload external linters to validate certificates, is supposed to save uploaded test certificates to the server. An attacker who has gained access to...

7.2CVSS7AI score0.00581EPSS
Exploits0References1
osv
osv
added 2020/04/08 12:15 a.m.3 views

CVE-2020-11629

An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. The External Command Certificate Validator, which allows administrators to upload external linters to validate certificates, is supposed to save uploaded test certificates to the server. An attacker who has gained access to...

7.2CVSS7.1AI score0.00581EPSS
Exploits0References1
cve
cve
added 2020/04/07 11:34 p.m.53 views

CVE-2020-11629

EJBCA before 6.15.2.6 and 7.x before 7.3.1.2 is affected by a vulnerability in the External Command Certificate Validator . The validator allows uploading external linters to validate certificates, and is described as saving uploaded test certificates to the server. An attacker who gains access t...

7.2CVSS7AI score0.00581EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2020/04/07 11:34 p.m.28 views

CVE-2020-11629

An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. The External Command Certificate Validator, which allows administrators to upload external linters to validate certificates, is supposed to save uploaded test certificates to the server. An attacker who has gained access to...

7AI score0.00581EPSS
Exploits0References1
Rows per page
Query Builder