
7 matches found

CVE
added 2026/06/15 12:0 a.m., 13 views

CVE-2026-45388

CVE-2026-45388 affects OCaml-TLS before 2.1.0. The TLS 1.3 client path in handshake_client13.ml did not wire into validate_keyusage, allowing a certificate issued for non-server purposes (e.g., clientAuth, codeSigning, emailProtection) to impersonate a TLS server if the EKU/KeyUsage restrictions ...

CVSS 9.1, AI score 5.2, EPSS 0.00225
Exploits: 1, References: 1

CVE
added 2026/06/15 12:0 a.m., 10 views

CVE-2026-45389

Summary (OCaml-TLS CVE-2026-45389): OCaml-TLS versions before 2.1.0 fail to properly validate KeyUsage and ExtendedKeyUsage on client certificates during mutual TLS, allowing impersonation with certificates intended for server authentication. The issue arises in the server-side certificate valida...

CVSS 7.4, AI score 5.3, EPSS 0.00191
Exploits: 0, References: 1

OSV
added 2023/03/24 10:1 p.m., 7 views

GHSA-9QWG-CRG9-M2VC `openssl` `SubjectAlternativeName` and `ExtendedKeyUsage::other` allow arbitrary file read

SubjectAlternativeName and ExtendedKeyUsage arguments were parsed using the OpenSSL function X509V3_EXT_nconf. This function parses all input using an OpenSSL mini-language which can perform arbitrary file reads. Thanks to David Benjamin (Google) for reporting this issue...

AI score 7.3
Exploits: 0, References: 3

OSV
added 2023/03/24 12:0 p.m., 27 views

RUSTSEC-2023-0023 `openssl` `SubjectAlternativeName` and `ExtendedKeyUsage::other` allow arbitrary file read

SubjectAlternativeName and ExtendedKeyUsage arguments were parsed using the OpenSSL function X509V3_EXT_nconf. This function parses all input using an OpenSSL mini-language which can perform arbitrary file reads. Thanks to David Benjamin (Google) for reporting this issue...

AI score 7.2
Exploits: 0, References: 3

RustSec
added 2023/03/24 12:0 p.m., 33 views

`openssl` `SubjectAlternativeName` and `ExtendedKeyUsage::other` allow arbitrary file read

SubjectAlternativeName and ExtendedKeyUsage arguments were parsed using the OpenSSL function X509V3_EXT_nconf. This function parses all input using an OpenSSL mini-language which can perform arbitrary file reads. Thanks to David Benjamin (Google) for reporting this issue...

AI score 6.9
Exploits: 0, Affected software: 1

SUSE CVE
added 2023/02/15 3:29 a.m., 0 views

SUSE CVE-2022-21657

Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions Envoy does not restrict the set of certificates it accepts from the peer, either as a TLS client or a TLS server, to only those certificates that contain the necessary extendedKeyUsage...

CVSS 6.8, AI score 6.3, EPSS 0.00509
Exploits: 0, References: 3

RedhatCVE
added 2022/02/23 6:50 a.m., 46 views

CVE-2022-21657

A flaw was found in envoy. This issue occurs when it does not restrict the set of certificates it accepts from the peer, either as a TLS client or a TLS server, to only those certificates that contain the necessary extendedKeyUsage id-kp-serverAuth and id-kp-clientAuth, respectively...

CVSS 6.8, AI score 3, EPSS 0.00509
Exploits: 0, References: 5