Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/24 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-27017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - uTLS is a fork of crypto/tls, created to customize ClientHello for fingerprinting resistance while still using it for the handshake. Versions 1.6.0 through 1.8....

5.3CVSS6AI score0.00154EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/02/21 12:23 a.m.6 views

SUSE CVE-2026-27017

uTLS is a fork of crypto/tls, created to customize ClientHello for fingerprinting resistance while still using it for the handshake. Versions 1.6.0 through 1.8.0 contain a fingerprint mismatch with Chrome when using GREASE ECH, related to cipher suite selection. When Chrome selects the preferred...

5.3CVSS5.7AI score0.00154EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/20 11:17 a.m.12 views

CVE-2026-27017

A flaw was found in uTLS. When using GREASE Encrypted ClientHello ECH, uTLS versions 1.6.0 through 1.8.0 may exhibit a fingerprint mismatch with Chrome. This occurs due to an inconsistent selection of cipher suites between the outer ClientHello and the ECH, potentially allowing a remote observer ...

5.3CVSS5.5AI score0.00154EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/20 2:47 a.m.26 views

CVE-2026-27017 uTLS has a Chrome Parrot Fingerprint Vulnerability due to GREASE ECH Cipher Suite Mismatch

uTLS is a fork of crypto/tls, created to customize ClientHello for fingerprinting resistance while still using it for the handshake. Versions 1.6.0 through 1.8.0 contain a fingerprint mismatch with Chrome when using GREASE ECH, related to cipher suite selection. When Chrome selects the preferred...

2.3CVSS0.00154EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/20 2:47 a.m.3 views

CVE-2026-27017

uTLS is a fork of crypto/tls, created to customize ClientHello for fingerprinting resistance while still using it for the handshake. Versions 1.6.0 through 1.8.0 contain a fingerprint mismatch with Chrome when using GREASE ECH, related to cipher suite selection. When Chrome selects the preferred...

2.3CVSS5.5AI score0.00154EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/02/20 2:47 a.m.24 views

CVE-2026-27017

CVE-2026-27017 affects the uTLS fork of crypto/tls ( Versions 1.6.0–1.8.0 ) with GREASE ECH, causing a fingerprint mismatch with Chrome due to inconsistent cipher-suite selection between the outer ClientHello and ECH. Specifically, uTLS hardcodes AES for the outer cipher suite while randomly sele...

5.3CVSS5.5AI score0.00154EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2026/02/20 2:47 a.m.4 views

CVE-2026-27017

uTLS is a fork of crypto/tls, created to customize ClientHello for fingerprinting resistance while still using it for the handshake. Versions 1.6.0 through 1.8.0 contain a fingerprint mismatch with Chrome when using GREASE ECH, related to cipher suite selection. When Chrome selects the preferred...

5.3CVSS5.3AI score0.00154EPSS
Exploits0
OSV
OSV
added 2026/02/18 10:33 p.m.5 views

GHSA-7M29-F4HW-G2VX uTLS has a fingerprint vulnerability from GREASE ECH mismatch for Chrome parrots

There is a fingerprint mismatch with Chrome when using GREASE ECH, having to do with ciphersuite selection. When Chrome selects the preferred ciphersuite in the outer ClientHello and the ciphersuite for ECH, it does so consistently based on hardware support. That means, for example, if it prefers...

2.3CVSS5.4AI score0.00154EPSS
Exploits0References6
Rows per page
Query Builder