143 matches found
EUVD-2024-36415
Malicious code in bioql PyPI...
EUVD-2022-6207
Malicious code in bioql PyPI...
EUVD-2023-2059
Malicious code in bioql PyPI...
EUVD-2022-53483
Malicious code in bioql PyPI...
EUVD-2023-1283
Malicious code in bioql PyPI...
CVE-2025-59353 Manager generates mTLS certificates for arbitrary IP addresses
Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, a peer can obtain a valid TLS certificate for arbitrary IP addresses, effectively rendering the mTLS authentication useless. The issue is that the Manager’s Certificate gRPC service does not...
Linux Distros Unpatched Vulnerability : CVE-2020-7956
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad and Nomad Enterprise up to 0.10.2 incorrectly validated role/region associated with TLS certificates used for mTLS RPC, and were susceptible to...
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation due to improper mTLS configuration handling. An attacker can exploit this misconfiguration to establish unauthorized connections to Redis instances that are intended to require client certificate...
CVE-2023-1782
HashiCorp Nomad and Nomad Enterprise versions 1.5.0 up to 1.5.2 allow unauthenticated users to bypass intended ACL authorizations for clusters where mTLS is not enabled. This issue is fixed in version 1.5.3...
CVE-2022-31733
Starting with diego-release 2.55.0 and up to 2.69.0, and starting with CF Deployment 17.1 and up to 23.2.0, apps are accessible via another port on diego cells, allowing application ingress without a client certificate. If mTLS route integrity is enabled AND unproxied ports are turned off, then a...
CVE-2024-37082
When deploying Cloud Foundry together with the haproxy-boshrelease and using a non default configuration, it might be possible to craft HTTP requests that bypass mTLS authentication to Cloud Foundry applications. You are affected if you have route-services enabled in routing-release and have...
Exploit for SQL Injection in Microsoft
CVE-2024-43468 SCCM SQL Injection Exploit mTLS client certs f...
GHSA-6MPX-PMGP-WW49 Duplicate Advisory: Keycloak vulnerable to Cleartext Transmission of Sensitive Information
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-g6qq-c9f9-2772. This link is maintained to preserve external references. Original Description A vulnerability was found in Keycloak. The environment option KC_CACHE_EMBEDDED_MTLS_ENABLED does not work and the JGroup...
Improper Certificate Validation
Keycloak is vulnerable to Improper Certificate Validation. The vulnerability is due to improper handling of reverse proxy configurations with mTLS enabled, allowing an attacker on the local network to impersonate any user or client using mTLS for authentication...
Keycloak mTLS Authentication Bypass via Reverse Proxy TLS Termination
A vulnerability was found in Keycloak. Deployments of Keycloak with a reverse proxy not using pass-through termination of TLS, with mTLS enabled, are affected. This issue may allow an attacker on the local network to authenticate as any user or client that leverages mTLS as the authentication...
GHSA-93WW-43RR-79V3 Keycloak mTLS Authentication Bypass via Reverse Proxy TLS Termination
A vulnerability was found in Keycloak. Deployments of Keycloak with a reverse proxy not using pass-through termination of TLS, with mTLS enabled, are affected. This issue may allow an attacker on the local network to authenticate as any user or client that leverages mTLS as the authentication...
CVE-2024-10039
A vulnerability was found in Keycloak. Deployments of Keycloak with a reverse proxy not using pass-through termination of TLS, with mTLS enabled, are affected. This issue may allow an attacker on the local network to authenticate as any user or client that leverages mTLS as the authentication...
Beyond Passwords: Advanced API Authentication Strategies for Enhanced Security
Passwordless authentication for end users is taking the world by storm, offering organizations and individuals alike unprecedented security, user experience, and efficiency benefits. By all indications, the next generation of authentication for end users has finally arrived, sending the password...
NewStart CGSL MAIN 6.02 : python3 Vulnerability (NS-SA-2024-0053)
The remote NewStart CGSL host, running version MAIN 6.02, has python3 packages installed that are affected by a vulnerability: - Python ssl.SSLSocket is vulnerable to a bypass of the TLS handshake in certain instances for HTTPS servers and other server-side protocols that use TLS client...
s2n-tls's mTLS API ordering may skip client authentication
Impact An API ordering issue in s2n-tls can cause client authentication to unexpectedly not be enabled on the server when it otherwise appears to be. Server applications are impacted if client authentication is enabled by calling s2n_connection_set_config before calling s2n_connection_set_client_auth_typ...