3 matches found
CVE-2017-18588
An issue was discovered in the security-framework crate before 0.1.12 for Rust. Hostname verification for certificates does not occur if ClientBuilder uses custom root certificates...
CVE-2017-18588
The CVE targets the Rust security-framework crate (before 0.1.12). When ClientBuilder uses custom root certificates, hostname verification for TLS certificates does not occur. The issue is caused by hostname validation not being performed in that scenario. A fix is available by upgrading to 0.1.1...
CVE-2017-18588
An issue was discovered in the security-framework crate before 0.1.12 for Rust. Hostname verification for certificates does not occur if ClientBuilder uses custom root certificates...