3 matches found
EUVD-2026-24029
OpenBao's Certificate Authentication Allows Token Renewal With Different Certificate...
AlmaLinux 9 : python3.12-cryptography (ALSA-2025:15608)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:15608 advisory. python-cryptography: NULL pointer dereference with pkcs12.serializekeyandcertificates when called with a non-matching certificate and private key and an hmachash...
A flaw was found in stunnel before 5.57 where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority which is not the one accepted by the stunnel server to access the tunneled service instead of being redirected to the address specified in the redirect option. The highest threat from this vulnerability is to confidentiality.
...