18 matches found
EUVD-2020-0424
Malware in sbrugna...
EUVD-2022-2390
Malicious code in bioql PyPI...
CVE-2017-1000209
The Java WebSocket client nv-websocket-client does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL/TLS servers via an arbitrary valid certificate...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libreoffice (SUSE-SU-2024:3577-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3577-1 advisory. libreoffice was updated to version 24.8.1.2 jscPED-10362: - Release notes:...
Security update for libreoffice
This update for libreofficefixes the following issues: libreoffice was updated to version 24.8.1.2 jscPED-10362: Release notes: https://wiki.documentfoundation.org/Releases/24.8.0/RC1 and https://wiki.documentfoundation.org/Releases/24.8.0/RC2 and...
SUSE-SU-2024:3577-1 Security update for libreoffice
This update for libreofficefixes the following issues: libreoffice was updated to version 24.8.1.2 jscPED-10362: - Release notes: https://wiki.documentfoundation.org/Releases/24.8.0/RC1 and https://wiki.documentfoundation.org/Releases/24.8.0/RC2 and...
SUSE-SU-2024:3576-1 Security update for libreoffice
This update for libreoffice fixes the following issues: libreoffice was updated to version 24.8.1.2 jscPED-10362: - Release notes: https://wiki.documentfoundation.org/Releases/24.8.0/RC1 and https://wiki.documentfoundation.org/Releases/24.8.0/RC2 and...
Security update for libreoffice
This update for libreoffice fixes the following issues: libreoffice was updated to version 24.8.1.2 jscPED-10362: Release notes: https://wiki.documentfoundation.org/Releases/24.8.0/RC1 and https://wiki.documentfoundation.org/Releases/24.8.0/RC2 and...
CVE-2020-11050
In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation. This has been patched in 1.5.0...
GHSA-GW55-JM4H-X339 Improper Validation of Certificate with Host Mismatch in Java-WebSocket
The Java-WebSocket Client does not perform hostname verification. - This means that SSL certificates of other hosts are accepted as long as they are trusted. To exploit this vulnerability an attacker has to perform a man-in-the-middle MITM attack between a Java application using the Java-WebSocke...
Improper Validation of Certificate with Host Mismatch in Java-WebSocket
The Java-WebSocket Client does not perform hostname verification. - This means that SSL certificates of other hosts are accepted as long as they are trusted. To exploit this vulnerability an attacker has to perform a man-in-the-middle MITM attack between a Java application using the Java-WebSocke...
Man-in-the-Middle (MitM)
Java-Websocket is vulnerable to Man-in-the-Middle MitM. The SSL hostname validation is not enabled by default, allowing an attacker to perform a man-in-the-middle attack to intercept and modify network traffic...
Java-WebSocket Trust Management Issue Vulnerability
Java-WebSocket is a WebSocket client and server implementation written in Java language . A security vulnerability exists in Java-WebSocket 1.4.1 and earlier versions that stems from WebSocketClient failing to validate SSL hostnames. No details of the vulnerability are provided at this time...
CVE-2020-11050
In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation. This has been patched in 1.5.0...
CVE-2020-11050
In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation. This has been patched in 1.5.0...
Input validation
In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation. This has been patched in 1.5.0...
CVE-2020-11050 Improper Validation of Certificate with Host Mismatch in Java-WebSocket
In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation. This has been patched in 1.5.0...
CVE-2017-1000209
The Java WebSocket client nv-websocket-client does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL/TLS servers via an arbitrary valid certificate...