7 matches found
JLSEC-2026-409
An improper certificate validation vulnerability exists in curl v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS...
Astra Linux - уязвимость в curl
There is a vulnerability in the handling of certificate validation in curl v8.1.0, particularly in how wildcard patterns are matched when listed as “Subject Alternative Name” in TLS server certificates. Curls can be modified to use its own name matching function for TLS, rather than the one...
AZL-26808 CVE-2023-28321 affecting package mysql for versions less than 8.0.34-1
An improper certificate validation vulnerability exists in curl v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS...
AZL-26794 CVE-2023-28321 affecting package curl for versions less than 8.2.1-1
An improper certificate validation vulnerability exists in curl v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS...
SUSE CVE-2023-28321
An improper certificate validation vulnerability exists in curl v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS...
PT-2023-3462 · Curl +11 · Curl +11
Name of the Vulnerable Software and Affected Versions: curl versions prior to 8.1.0 Description: The issue is related to improper certificate validation in the way curl supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. This could lead to...
SUSE CVE-2005-0237
The International Domain Name IDN support in Konqueror 3.2.1 on KDE 3.2.1 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing...