Lucene search
K

7 matches found

NVD
NVD
added 2026/06/25 8:17 p.m.8 views

CVE-2026-55964

Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present, but chain-supplied temporary CAs WOLFSSLTEMPCA added while building a certificate path were previously exempt...

6.3CVSS0.00118EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 4:51 p.m.19 views

CVE-2026-55961 wolfSSL_PKCS7_verify() reports success for degenerate (certs-only) PKCS#7 with no signer

wolfSSLPKCS7verify returning success for a degenerate certs-only PKCS7 object that contains no signer. Such an object has empty signerInfos, so the underlying signed-data verification succeeds without authenticating any content. The compatibility-layer verify path now rejects the object when no...

8.2CVSS0.00095EPSS
Exploits0References2
OSV
OSV
added 2026/05/13 7:0 a.m.8 views

MGASA-2026-0127 Updated php packages fix security vulnerabilities

FPM: Fixed GHSA-7qg2-v9fj-4mwv XSS within status endpoint. CVE-2026-6735 MBString: Fixed GHSA-wm6j-2649-pv75 Null pointer dereference in phpmbcheckencoding via mberegsearchinit. CVE-2026-7259 OpenSSL: Fix compatibility issues with OpenSSL 4.0. PDOFirebird: Fixed GHSA-w476-322c-wpvm SQL injection...

9.8CVSS5.9AI score0.0078EPSS
Exploits1References3
Snyk
Snyk
added 2026/04/10 5:8 a.m.8 views

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation in the wolfSSLX509verifycert function. An attacker can bypass certificate signature validation by supplying a certificate chain where an untrusted intermediate with Basic Constraints set to CA:FALSE is...

8.6CVSS5.8AI score0.00184EPSS
Exploits0References2
OSV
OSV
added 2026/04/10 4:17 a.m.7 views

DEBIAN-CVE-2026-5501

wolfSSLX509verifycert in the OpenSSL compatibility layer accepts a certificate chain in which the leaf's signature is not checked, if the attacker supplies an untrusted intermediate with Basic Constraints CA:FALSE that is legitimately signed by a trusted root. An attacker who obtains any leaf...

8.1CVSS5.6AI score0.00184EPSS
Exploits0References1
OSV
OSV
added 2025/10/04 12:11 a.m.7 views

RLSA-2025:7937 Important: compat-openssl11 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. Security Fixes: openssl: X.400 address type confusion in X.509 GeneralName...

7.4CVSS7AI score0.59501EPSS
Exploits0References2
OSV
OSV
added 2025/07/18 11:15 p.m.3 views

DEBIAN-CVE-2025-7394

In the OpenSSL compatibility layer implementation, the function RANDpoll was not behaving as expected and leading to the potential for predictable values returned from RANDbytes after fork is called. This can lead to weak or predictable random numbers generated in applications that are both using...

9.8CVSS5.4AI score0.00387EPSS
Exploits0References1
Rows per page
Query Builder