Lucene search
+L

4 matches found

OSV
OSV
added 2026/06/23 2:54 p.m.3 views

CVE-2026-55568 Guzzle: Silent HTTPS-Proxy Downgrade to Cleartext

Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, in certain configurations, traffic expected to be protected by TLS on the hop to the proxy is transmitted in cleartext. Proxy authentication credentials the Proxy-Authorization header, proxy userinfo in the proxy URL, or CURLOPTPROXYUSERPW...

5.9CVSS6AI score0.00106EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/08 12:0 a.m.10 views

Amazon Linux 2023 : amazon-ssm-agent (ALAS2023-2025-1359)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1359 advisory. Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which a...

7.5CVSS6.6AI score0.00626EPSS
Exploits2References32
RedHat Linux
RedHat Linux
added 2017/01/13 12:0 a.m.4 views

OpenJDK: exposure of server authentication credentials to proxy (Networking, 8160838)

A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could possibly expose HTTPS server authentication credentials via a plain text network connection to an HTTP proxy if proxy asked for authentication...

5.9CVSS7.2AI score0.03937EPSS
Exploits0References5
OSV
OSV
added 2016/11/17 10:29 p.m.6 views

USN-3130-1 openjdk-7 vulnerabilities

It was discovered that OpenJDK did not restrict the set of algorithms used for Jar integrity verification. An attacker could use this to modify without detection the content of a JAR file, affecting system integrity. CVE-2016-5542 It was discovered that the JMX component of OpenJDK did not...

9.6CVSS6.8AI score0.05437EPSS
Exploits0References6
Rows per page
Query Builder