6 matches found
EUVD-2020-28177
Malware in sbrugna...
PT-2024-17492
Name of the Vulnerable Software and Affected Versions: idna versions 0.5.0 and earlier; url versions prior to 2.5.4. Description: The issue is related to improper validation of unsafe equivalence in punycode by the idna crate from Servo rust-url. This allows an attacker to create a punycode hostname...
Authorization Policy Bypass Due to Case Insensitive Host Comparison
Impact: According to RFC 4343, Istio authorization policy should compare the hostname in the HTTP Host header in a case-insensitive way, but currently the comparison is case-sensitive. The Envoy proxy will route the request hostname in a case-insensitive way, which means the authorization policy...
CVE-2020-24715
The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation because, in some circumstances, native Python code is used that lacks a comparison of the hostname to commonName and subjectAltName...
CVE-2020-7043
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do not consider '\0' characters, as demonstrated by a good.example.com\x00evil.example.com attack...
CVE-2020-7043
OpenFortiVPN (openfortivpn) 1.11.0 with OpenSSL before 1.0.2 is vulnerable to CVE-2020-7043. In tunnel.c, hostname validation mishandles null bytes, allowing a crafted hostname like good.example.com\x00evil.example.com to bypass validation. This affects builds using affected OpenSSL versions and ...