Lucene search
K

9 matches found

Microsoft CVE
Microsoft CVE
added 2020/09/25 7:0 a.m.4 views

An issue was discovered in the OpenSSL library in Ruby before 2.3.8 2.4.x before 2.4.5 2.5.x before 2.5.2 and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using == depending on the ordering non-equal objects may return true. When the first argument is one character longer than the second or the second argument contains a character that is one less than a character in the same position of the first argument the result of == will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations.

...

9.8CVSS9.6AI score0.10715EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2019/08/27 11:12 a.m.113 views

Important: Red Hat Security Advisory: ruby security update

An update for ruby is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

9.8CVSS7.2AI score0.10715EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2019/07/30 9:18 a.m.10 views

ruby: OpenSSL::X509:: Name equality check does not work correctly

An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one...

9.8CVSS7.3AI score0.10715EPSS
Exploits0References5
CNVD
CNVD
added 2019/05/05 12:0 a.m.3 views

GNU recutils null pointer dereference vulnerability (CNVD-2019-22406)

GNU Recutils is a set of tools and libraries for accessing human-editable plain text databases called recfiles. A null pointer dereference vulnerability exists in the recfieldnameequalp function in rec-field-name.c in librec.a in GNU recutils 1.8. An attacker could exploit this vulnerability to...

6.5CVSS6.7AI score0.01411EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2018/11/29 10:33 p.m.3 views

ruby: OpenSSL::X509:: Name equality check does not work correctly

An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one...

9.8CVSS7.3AI score0.10715EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/11/29 10:23 a.m.5 views

ruby: OpenSSL::X509:: Name equality check does not work correctly

An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one...

9.8CVSS7.3AI score0.10715EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/11/29 10:10 a.m.5 views

ruby: OpenSSL::X509:: Name equality check does not work correctly

An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one...

9.8CVSS7.3AI score0.10715EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2018/11/29 12:0 a.m.60 views

ruby security update

2.0.0.648-34 - CVE-2018-16395: Fix OpenSSL::X509::Name equality check does not work. Resolves: CVE-2018-16395...

9.8CVSS1.7AI score0.10715EPSS
Exploits0
Snyk
Snyk
added 2018/11/16 6:29 p.m.4 views

Incomplete Comparison with Missing Factors

Overview openssl is a package that wraps the OpenSSL library. Affected versions of this package are vulnerable to Incomplete Comparison with Missing Factors. An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview...

9.8CVSS8AI score0.10715EPSS
Exploits0References2
Rows per page
Query Builder