28 matches found
Important: amazon-efs-utils
Issue Overview: time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used...
Amazon Linux 2023 : amazon-efs-utils (ALAS2023-2026-1564)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1564 advisory. time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via...
SUSE CVE-2026-4428
A logic error in CRL distribution point validation in AWS-LC before 1.71.0 causes partitioned CRLs to be incorrectly rejected as out of scope, which allows a revoked certificate to bypass certificate revocation checks. To remediate this issue, users should upgrade to AWS-LC 1.71.0 or...
Linux Distros Unpatched Vulnerability : CVE-2026-4428
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A logic error in CRL distribution point validation in AWS-LC before 1.71.0 causes partitioned CRLs to be incorrectly rejected as out of scope, which allows a...
PT-2026-26369
Summary AWS-LC is an open-source, general-purpose cryptographic library. Impact A logic error in CRL distribution point matching in AWS-LC allows a revoked certificate to bypass revocation checks during certificate validation, when the application enables CRL checking and uses partitioned CRLs wi...
AWS libcrypto Security Vulnerability
AWS libcrypto is a general-purpose encryption library open sourced by Amazon Web Services. Prior to version 1.71.0 of AWS libcrypto, there was a security vulnerability. This vulnerability stemmed from a logical error in the CRL distribution point validation process, which incorrectly rejected CRL...
ROS-20251022-03
ProFTPD FTP server vulnerability is related to a null pointer dereferencing error in the function tls_verify_crl in ProFTPD when processing data returned by OpenSSL function sk_X509_REVOKED_value when detecting an empty certificate revocation list set by the system administrator. Exploitation of the...
EUVD-2019-0491
Malware in sbrugna...
EUVD-2011-3171
Malware in sbrugna...
Snowflake Connector .NET does not properly check the Certificate Revocation List (CRL)
Issue Snowflake recently received a report about a vulnerability in the Snowflake Connector .NET where the checks against the Certificate Revocation List (CRL) were not performed where the insecureMode flag was set to false, which is the default setting. The vulnerability affects versions between...
GHSA-HWCC-4CV8-CF3H Snowflake Connector .NET does not properly check the Certificate Revocation List (CRL)
Issue Snowflake recently received a report about a vulnerability in the Snowflake Connector .NET where the checks against the Certificate Revocation List (CRL) were not performed where the insecureMode flag was set to false, which is the default setting. The vulnerability affects versions between...
AlmaLinux 8 : openssl (ALSA-2020:5476)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:5476 advisory. - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a...
CVE-2020-16162
An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. Missing validation checks on CRL presence or CRL staleness in the X509-based RPKI certificate-tree validation procedure allow remote attackers to bypass intended access restrictions by using revoked certificates...
CRL Validation Bypass
OpenSSL is vulnerable to CRL validation bypass. An uninitialized variable use flaw was found in OpenSSL. This flaw could cause an application using the OpenSSL Certificate Revocation List (CRL) checking functionality to incorrectly accept a CRL that has a nextUpdate date in the past...
SOL15318 - OpenSSL vulnerability CVE-2011-3207
Note: LineRate uses the specified vulnerable OpenSSL version, but CRL validation is not enabled, so the product is not vulnerable. Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed ...
Amazon Linux AMI : openssl (ALAS-2011-04)
The MITRE CVE database describes CVE-2011-3207 as : crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. C Tenable...
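Microsoft Windows Active Directory LDAPS Authentication Bypass Vulnerability (MS11-086)
CVE ID: CVE-2011-2014 Microsoft Windows is a popular computer operating system. Microsoft Windows has a security vulnerability in its implementation that malicious users can exploit to bypass security restrictions. The vulnerability arises because Active Directory, when configured to use LDAP over SSL (a non-default setting), fails to validate against the CRL the revocation status of an SSL certificate associated with a domain account. Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Storage Server 2003 Microsoft Windows Server 2008 Microsoft Windows...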
GLSA-201110-01 : OpenSSL: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201110-01 OpenSSL: Multiple vulnerabilities Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could cause a Denial of...
OpenSSL: Multiple vulnerabilities
Background OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library. Description Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced...
Mandriva Update for openssl MDVSA-2011:137 (openssl)
The remote host is missing an update for the...