Lucene search
K

8 matches found

alpinelinux
alpinelinux
added 2026/06/25 8:8 p.m.5 views

CVE-2026-6731

X.509 name constraint bypass via the Subject Common Name when treated as a DNS-type name. A certificate whose Subject CN violates an issuing CA's DNS name constraints could be accepted...

7.5CVSS5.8AI score0.00124EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/27 12:0 a.m.9 views

Erlang/OTP 安全漏洞

Erlang/OTP is an open-source JavaScript library for handling exceptions. This library can catch exceptions caused by node.js’s built-in APIs. There is a security vulnerability in Erlang/OTP, which stems from improper certificate verification in the publickey module. This vulnerability allows...

8.1CVSS5.8AI score0.00338EPSS
Exploits0References7
ibm
ibm
added 2026/05/04 2:4 p.m.4 views

Security Bulletin: There is a vulnerability in cryptography-46.0.5-cp311-abi3-manylinux_2_34_x86_64.whl used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-34073)

Summary There is a vulnerability in cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-34073 DESCRIPTION: cryptography is a package designed to expose cryptographic primitives and recipes...

6.3CVSS5.7AI score0.00154EPSS
Exploits0Affected Software1
pypa
pypa
added 2026/03/31 3:15 a.m.22 views

PYSEC-2026-35

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography...

6.3CVSS5.7AI score0.00154EPSS
Exploits0References1Affected Software1
suse
suse
added 2026/03/03 12:38 p.m.3 views

Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues: Update to version 1.25.7. Security issues fixed: CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated...

9.6CVSS6AI score0.00765EPSS
Exploits1References10
osv
osv
added 2026/03/03 12:38 p.m.4 views

SUSE-SU-2026:0760-1 Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues: Update to version 1.25.7. Security issues fixed: - CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. - CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated...

10CVSS6AI score0.00765EPSS
Exploits1References5
nessus
nessus
added 2026/02/15 12:0 a.m.8 views

openSUSE 16 Security Update : go1.25 (openSUSE-SU-2026:20214-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20214-1 advisory. Update to version 1.25.7. Security issues fixed: - CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code...

10CVSS8.2AI score0.00765EPSS
Exploits1References7
cve
cve
added 2025/12/03 7:37 p.m.181 views

CVE-2025-61727

The CVE-2025-61727 issue stems from crypto/x509: an excluded subdomain constraint in a certificate chain does not restrict wildcard SANs in the leaf certificate (e.g., excluding test.example.com does not block SAN *.example.com). This can allow a leaf certificate to claim a wildcard SAN despite t...

6.5CVSS6.5AI score0.00274EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder