Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2026/03/05 11:24 a.m.4 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.5AI score0.00765EPSS
Exploits1References8
CNNVD
CNNVD
added 2024/01/18 12:0 a.m.4 views

Contiki-NG Security Vulnerability

Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. A security vulnerability exists in Contiki-NG tinyDTLS version 2018-08-30 and earlier versions that stems from the fact that an incorrect handshake may be accomplished using different...

9.8CVSS6.6AI score0.01181EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/07/29 2:15 p.m.2 views

CVE-2022-2576

In Eclipse Californium version 2.0.0 to 2.7.2 and 3.0.0-3.5.0 a DTLS resumption handshake falls back to a DTLS full handshake on a parameter mismatch without using a HelloVerifyRequest. Especially, if used with certificate based cipher suites, that results in message amplification DDoS other peer...

7.5CVSS7.1AI score0.00507EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2014/12/24 11:59 a.m.4 views

UBUNTU-CVE-2014-3569

The ssl23getclienthello function in s23srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an unexpected handshake, as demonstrated by...

5CVSS6.8AI score0.20646EPSS
Exploits0References3
Rows per page
Query Builder