Lucene search
+L

10 matches found

Snyk
Snyk
added 2026/02/24 8:22 p.m.3 views

Unchecked Return Value

Overview Affected versions of this package are vulnerable to Unchecked Return Value due to improper error handling in the provision function. An attacker can gain unauthorized access by presenting a client certificate signed by any system-trusted certificate authority, bypassing the intended...

9.3CVSS5.9AI score0.00267EPSS
Exploits1References2
NVD
NVD
added 2026/02/24 5:29 p.m.7 views

CVE-2026-27586

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, two swallowed errors in ClientAuthentication.provision cause mTLS client certificate authentication to silently fail open when a CA certificate file is missing, unreadable, or malformed. The server starts...

9.3CVSS0.00267EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.9 views

Caddy 安全漏洞

Caddy is an open-source, cross-platform HTTP/Web server developed by the Caddy company. Versions of Caddy prior to 2.11.1 contained security vulnerabilities. These vulnerabilities were caused by two ignored errors in the ClientAuthentication.provision function, which led to a silent failure in mT...

9.3CVSS5.8AI score0.00267EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2026/02/19 10:27 p.m.6 views

CVE-2026-24122

Cosign provides code signing and transparency for containers and binaries. In versions 3.0.4 and below, an issuing certificate with a validity that expires before the leaf certificate will be considered valid during verification even if the provided timestamp would mean the issuing certificate...

3.7CVSS5.5AI score0.00197EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.7 views

PT-2026-20949

Name of the Vulnerable Software and Affected Versions Cosign versions 3.0.4 and below Description Cosign is a tool that provides code signing and transparency for containers and binaries. A flaw in the certificate validation process allows expired intermediate Certificate Authorities to validate...

7.5CVSS5.4AI score0.00413EPSS
Exploits4References143
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.2 views

Astra Linux – Vulnerability in easy-rsa

The weak encryption algorithm in the Easy-RSA version 3.0.5 to 3.1.7 allows a local attacker to more easily brute-force the private CA key when it is created using OpenSSL 3...

5.3CVSS6.1AI score0.00081EPSS
Exploits0References3
OSV
OSV
added 2025/09/16 1:54 a.m.5 views

GHSA-W252-645G-87MP Openfire has potential identity spoofing issue via unsafe CN parsing

Summary Identity spoofing in X.509 client certificate authentication in Openfire allows internal attackers to impersonate other users via crafted certificate subject attributes, due to regex-based extraction of CN from an unescaped, provider-dependent DN string. Analysis Openfire’s SASL EXTERNAL...

5.9CVSS7.1AI score0.0022EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2025/09/16 1:54 a.m.10 views

Openfire has potential identity spoofing issue via unsafe CN parsing

Summary Identity spoofing in X.509 client certificate authentication in Openfire allows internal attackers to impersonate other users via crafted certificate subject attributes, due to regex-based extraction of CN from an unescaped, provider-dependent DN string. Analysis Openfire’s SASL EXTERNAL...

5.9CVSS7.1AI score0.0022EPSS
Exploits0References7Affected Software1
Akamai Blog
Akamai Blog
added 2019/12/19 8:30 p.m.101 views

Inspecting TLS Web Traffic - Part 2

In the first blog post I covered why HTTPS web traffic has grown to unprecedented levels, provided a TLS primer and looked at the basic concept of intercepting and inspecting HTTPS web traffic with Man-In-The-Middle techniques MITM. In the second part, I will dive a bit deeper into how the TLS MI...

0.3AI score
Exploits0
Schneier on Security
Schneier on Security
added 2019/10/23 11:15 a.m.57 views

NordVPN Breached

There was a successful attack against NordVPN: Based on the command log, another of the leaked secret keys appeared to secure a private certificate authority that NordVPN used to issue digital certificates. Those certificates might be issued for other servers in NordVPN's network or for a variety...

7.4AI score
Exploits0
Rows per page
Query Builder