6 matches found
CVE-2026-6412
Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing...
PT-2026-28378
Name of the Vulnerable Software and Affected Versions Undertow affected versions not specified Description A flaw exists in Undertow where the software incorrectly processes HTTP requests containing leading spaces in the first header line, violating HTTP standards. This can be exploited to perfor...
[SECURITY] Fedora 40 Update: libssh2-1.11.1-1.fc40
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...
[SECURITY] Fedora 41 Update: libssh2-1.11.1-1.fc41
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...
Addressing the OT-IT Risk and Asset Inventory Gap
Cyber-espionage and exploitation from nation-state-sanctioned actors have only become more prevalent in recent years, with recent examples including the SolarWinds attack, which was attributed to nation-state actors with alleged Russian ties. There are suspicions that sensitive information has be...
Good News from Singapore
The IETF had its 100th meeting the week of November 13. It was held in Singapore. I want to report on two pieces of good news. The first is that it seems like TLS 1.3 is ready to advance through the IETF process. As I wrote last month, the problem was that outdated or buggy network devices betwee...