3 matches found
UBUNTU-CVE-2026-33308
Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0.13.0, code for client certificate verification did not check the key purpose as set in the Extended Key Usage extension. An attacker with access to the private key for a valid certificate issued by a CA trusted for TLS...
PT-2026-27303
Name of the Vulnerable Software and Affected Versions Mod gnutls versions prior to 0.13.0 Description Mod gnutls, a TLS module for Apache HTTPD based on GnuTLS, had an issue where the code for client certificate verification did not validate the key purpose as defined in the Extended Key Usage...
PYSEC-2023-111
SQLFluff is a SQL linter. Prior to version 2.1.2, in environments where untrusted users have access to the config files, there is a potential security vulnerability where those users could use the librarypath config value to allow arbitrary python code to be executed via macros. For many users wh...