Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2026/04/28 9:19 a.m.6 views

CVE-2026-41603 Apache Thrift: Java TSSLTransportFactory hostname verification

Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

5.2AI score0.00593EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.14 views

Apache Thrift 安全漏洞

Apache Thrift is a framework for cross-platform development developed by the Apache Foundation in the United States. Versions of Apache Thrift prior to 0.23.0 contained a security vulnerability, which was caused by improper validation of certificates when they did not match the hostnames...

7.4CVSS5.8AI score0.00593EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:21 a.m.4 views

CVE-2023-34143

Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Windows, Linux Device Manager Server, Device Manager Agent, Host Data Collector components allows Man in the Middle Attack.This issue affects Hitachi Device Manager: before 8.8.5-02...

8.1CVSS7AI score0.00203EPSS
Exploits0References1
OSV
OSV
added 2019/03/14 3:40 p.m.3 views

GHSA-GF2V-9HP6-44QG org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service vulnerable to Improper Certificate Validation

Apache Hive JDBC + HiveServer2 implements SSL for plain TCP and HTTP connections it supports both transport modes. While validating the server's certificate during the connection setup, the client in Apache Hive before 1.2.2 and 2.0.x before 2.0.1 doesn't seem to be verifying the common name...

7.5CVSS7.1AI score0.01006EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/07/23 7:20 p.m.6 views

OpenJDK: name for reverse DNS lookup used in certificate identity check (JSSE, 8067694)

A flaw was found in the way the JSSE component in OpenJDK performed X.509 certificate identity verification when establishing a TLS/SSL connection to a host identified by an IP address. In certain cases, the certificate was accepted as valid if it was issued for a host name to which the IP addres...

2.6CVSS6.6AI score0.0381EPSS
Exploits0References5
Rows per page
Query Builder