11 matches found
EUVD-2025-19095
Malicious code in bioql PyPI...
EUVD-2025-19096
Malicious code in bioql PyPI...
CVE-2025-41256
Cyberduck and Mountain Duck improper handle TLS certificate pinning for untrusted certificates e.g., self-signed, since the certificate fingerprint is stored as SHA-1, although SHA-1 is considered weak. This issue affects Cyberduck: through 9.1.6; Mountain Duck: through 4.17.5...
CVE-2025-41256
Cyberduck and Mountain Duck improper handle TLS certificate pinning for untrusted certificates e.g., self-signed, since the certificate fingerprint is stored as SHA-1, although SHA-1 is considered weak. This issue affects Cyberduck: through 9.1.6; Mountain Duck: through 4.17.5...
CVE-2025-41255
Cyberduck and Mountain Duck improperly handle TLS certificate pinning for untrusted certificates e.g., self-signed, unnecessarily installing it to the Windows Certificate Store of the current user without any restrictions. This issue affects Cyberduck through 9.1.6 and Mountain Duck through 4.17....
CVE-2025-41255 Cyberduck and Mountain Duck - Improper Certificate Store Handling
Cyberduck and Mountain Duck improperly handle TLS certificate pinning for untrusted certificates e.g., self-signed, unnecessarily installing it to the Windows Certificate Store of the current user without any restrictions. This issue affects Cyberduck through 9.1.6 and Mountain Duck through 4.17....
CVE-2025-41255
The CVE-2025-41255 issue affects Cyberduck and Mountain Duck through TLS certificate pinning handling. According to multiple sources, the vulnerable behavior is the unnecessary installation of untrusted certificates (e.g., self-signed) into the Windows Certificate Store of the current user, drive...
CVE-2025-41255 Cyberduck and Mountain Duck - Improper Certificate Store Handling
Cyberduck and Mountain Duck improperly handle TLS certificate pinning for untrusted certificates e.g., self-signed, unnecessarily installing it to the Windows Certificate Store of the current user without any restrictions. This issue affects Cyberduck through 9.1.6 and Mountain Duck through 4.17....
CVE-2025-41256
CVE-2025-41256 affects Cyberduck (through 9.1.6) and Mountain Duck (through 4.17.5) due to improper TLS certificate pinning for untrusted certificates, with fingerprint storage using SHA-1. This creates a high-severity risk (CVSSv3: 7.4, High) for network-based situations where self-signed or unt...
CVE-2025-41256 Cyberduck and Mountain Duck - Weak Hash Algorithm for Certificate Fingerprint
Cyberduck and Mountain Duck improper handle TLS certificate pinning for untrusted certificates e.g., self-signed, since the certificate fingerprint is stored as SHA-1, although SHA-1 is considered weak. This issue affects Cyberduck: through 9.1.6; Mountain Duck: through 4.17.5...
CVE-2025-41256 Cyberduck and Mountain Duck - Weak Hash Algorithm for Certificate Fingerprint
Cyberduck and Mountain Duck improper handle TLS certificate pinning for untrusted certificates e.g., self-signed, since the certificate fingerprint is stored as SHA-1, although SHA-1 is considered weak. This issue affects Cyberduck: through 9.1.6; Mountain Duck: through 4.17.5...