11 matches found

F5 Networks
added 2023/02/21 8:0 p.m. | 44 views

K20224417: OCSP responder vulnerability CVE-2018-8019

Security Advisory Description: When using an OCSP responder, Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to authenticate with...

CVSS 7.4 | AI score 6.6 | EPSS 0.04068 | Exploits 0
OpenVAS
added 2021/06/09 12:0 a.m. | 27 views

SUSE: Security Advisory (SUSE-SU-2019:14014-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.4 | AI score 6.7 | EPSS 0.04199 | Exploits 0 | References 7
Mageia
added 2019/05/19 11:27 a.m. | 44 views

Updated tomcat-native packages fix security vulnerability

When using an OCSP responder did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to authenticate with revoked certificates when using mutual TLS CVE-2018-8019. Did not properly check OCSP...

CVSS 7.4 | AI score 2.6 | EPSS 0.04199 | Exploits 0 | References 2
Tenable Nessus
added 2019/04/10 12:0 a.m. | 42 views

SUSE SLES11 Security Update : libtcnative-1-0 (SUSE-SU-2019:14014-1)

This update for libtcnative-1-0 to version 1.1.34 fixes the following issues : CVE-2017-15698: Fixed an improper handling of fields with more than 127 bytes which could allow invalid client certificates to be accepted bsc1078679. CVE-2018-8019: When using an OCSP responder did not correctly handl...

CVSS 7.4 | AI score 6.6 | EPSS 0.04199 | Exploits 0 | References 11
OpenVAS
added 2018/08/25 12:0 a.m. | 34 views

Debian: Security Advisory (DLA-1475-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.4 | AI score 7.6 | EPSS 0.04199 | Exploits 0 | References 3
Tenable Nessus
added 2018/08/17 12:0 a.m. | 57 views

RHEL 6 / 7 : Red Hat JBoss Web Server 3.1.0 Service Pack 4 (RHSA-2018:2469)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2469 advisory. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the...

CVSS 9.8 | AI score 7.8 | EPSS 0.21979 | Exploits 0 | References 10
RedHat Linux
added 2018/08/16 3:1 p.m. | 165 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 3.1.0 Service Pack 4 security and bug fix update

An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and Red Hat JBoss Web Server 3.1 for RHEL 7. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CVSS 9.8 | AI score 7 | EPSS 0.21979 | Exploits 0 | References 6
RedHat Linux
added 2018/08/16 2:50 p.m. | 134 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 3.1.0 Service Pack 4 security and bug fix update

An update is now available for Red Hat JBoss Web Server 3.1. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

CVSS 9.8 | AI score 7 | EPSS 0.21979 | Exploits 0 | References 7
CVE
added 2018/07/31 1:0 p.m. | 117 views

CVE-2018-8019

CVE-2018-8019 affects OCSP handling in Apache Tomcat Native. Affects Tomcat Native versions 1.2.0–1.2.16 and 1.1.23–1.1.34 where invalid OCSP responses could cause revoked client certificates to be accepted during mutual TLS authentication. Public details indicate vulnerability in OCSP response p...

CVSS 7.4 | AI score 7.2 | EPSS 0.04068 | Exploits 0 | References 10 | Affected Software 1
Apache Tomcat
added 2018/07/31 12:0 a.m. | 35 views

Fixed in Apache Tomcat Native Connector 1.2.17

Moderate: Mishandled OCSP invalid response (CVE-2018-8019). When using an OCSP responder, Tomcat Native did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to authenticate with revoked certificates...

CVSS 7.4 | AI score 7.2 | EPSS 0.04199 | Exploits 0 | Affected Software 1
Openbugbounty
added 2018/02/11 9:14 a.m. | 8 views

newpeople.nl XSS vulnerability

Open Bug Bounty ID: OBB-556975

Description | Value
---|---
Affected Website: | newpeople.nl
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

AI score 6.3 | Exploits 0