Lucene search
+L

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.23 views

Alibaba Cloud Linux 3 : 0037: pki-core:10.6 (ALINUX3-SA-2021:0037)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0037 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-11023: In jQuery versions greater...

9.8CVSS8.2AI score0.9927EPSS
Exploits55References7
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2020-15720

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Dogtag PKI through 10.8.3, the pki.client.PKIConnection class did not enable python-requests certificate validation. Since the verify parameter was hard-code...

6.8CVSS7.3AI score0.01009EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.131 views

CentOS 8 : pki-core:10.6 and pki-deps:10.6 (CESA-2020:4847)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4847 advisory. - jquery: Cross-site scripting via cross-domain ajax requests CVE-2015-9251 - bootstrap: XSS in the data-target attribute CVE-2016-10735 - bootstrap:...

9.8CVSS7.5AI score0.9927EPSS
Exploits67References14
NVD
NVD
added 2020/07/14 2:15 p.m.21 views

CVE-2020-15720

In Dogtag PKI through 10.8.3, the pki.client.PKIConnection class did not enable python-requests certificate validation. Since the verify parameter was hard-coded in all request functions, it was not possible to override the setting. As a result, tools making use of this class, such as the...

6.8CVSS0.01009EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2020/07/14 2:15 p.m.48 views

CVE-2020-15720

In Dogtag PKI through 10.8.3, the pki.client.PKIConnection class did not enable python-requests certificate validation. Since the verify parameter was hard-coded in all request functions, it was not possible to override the setting. As a result, tools making use of this class, such as the...

6.8CVSS6.6AI score0.01009EPSS
Exploits0References4
CVE
CVE
added 2020/07/14 1:46 p.m.162 views

CVE-2020-15720

The CVE-2020-15720 issue affects Dogtag PKI through 10.8.3 where the pki.client.PKIConnection class does not validate Python-requests certificates because verify is hard-coded in request functions. This can expose non-localhost use cases (e.g., via pki-server) to MITM attacks. Affected remediatio...

6.8CVSS6.5AI score0.01009EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2020/07/14 1:46 p.m.21 views

CVE-2020-15720

In Dogtag PKI through 10.8.3, the pki.client.PKIConnection class did not enable python-requests certificate validation. Since the verify parameter was hard-coded in all request functions, it was not possible to override the setting. As a result, tools making use of this class, such as the...

6.8CVSS6.4AI score0.01009EPSS
Exploits0
Rows per page
Query Builder