Lucene search
K

13 matches found

NVD
NVD
added 2026/06/25 8:17 p.m.9 views

CVE-2026-55960

Un-negotiated Raw Public Key RFC 7250 accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative accepts it without performing any trust verification; it must therefore only be accepted when RPK was actually negotiated for that peer...

8.2CVSS0.00145EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 8:17 p.m.4 views

DEBIAN-CVE-2026-55960

Un-negotiated Raw Public Key RFC 7250 accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative accepts it without performing any trust verification; it must therefore only be accepted when RPK was actually negotiated for that peer...

7.5CVSS5.8AI score0.00145EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 8:17 p.m.5 views

UBUNTU-CVE-2026-55960

Un-negotiated Raw Public Key RFC 7250 accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative accepts it without performing any trust verification; it must therefore only be accepted when RPK was actually negotiated for that peer...

8.2CVSS5.7AI score0.00145EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/25 7:31 p.m.33 views

CVE-2026-55960 Un-negotiated Raw Public Key (RFC 7250) accepted in place of X.509, bypassing chain validation

Un-negotiated Raw Public Key RFC 7250 accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative accepts it without performing any trust verification; it must therefore only be accepted when RPK was actually negotiated for that peer...

8.2CVSS0.00145EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 7:31 p.m.25 views

CVE-2026-55960

The CVE-2026-55960 entry describes a vulnerability in wolfSSL builds that support Raw Public Key (RPK). Un-negotiated Raw Public Key (RFC 7250) could be accepted in place of an X.509 certificate by ParseCertRelative(), bypassing trust checks, because a raw public key has no chain. The fix/workaro...

8.2CVSS5.8AI score0.00145EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/25 7:31 p.m.5 views

CVE-2026-55960

Un-negotiated Raw Public Key RFC 7250 accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative accepts it without performing any trust verification; it must therefore only be accepted when RPK was actually negotiated for that peer...

8.2CVSS5.8AI score0.00145EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 7:31 p.m.6 views

CVE-2026-55960

Un-negotiated Raw Public Key RFC 7250 accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative accepts it without performing any trust verification; it must therefore only be accepted when RPK was actually negotiated for that peer...

8.2CVSS5.8AI score0.00145EPSS
Exploits0
EUVD
EUVD
added 2026/06/25 7:31 p.m.7 views

EUVD-2026-39545

Un-negotiated Raw Public Key RFC 7250 accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative accepts it without performing any trust verification; it must therefore only be accepted when RPK was actually negotiated for that peer...

8.2CVSS5.8AI score0.00145EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.14 views

PT-2026-52572

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An issue exists where an un-negotiated Raw Public Key RPK, as defined in RFC 7250, is accepted instead of an X.509 certificate, allowing the bypass of chain...

8.2CVSS5.7AI score0.00145EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/13 8:5 a.m.2 views

openssl: RFC7250 handshakes with unauthenticated servers don't abort as expected

A flaw was found in OpenSSL's RFC7250 Raw Public Key RPK authentication. This vulnerability allows man-in-the-middle MITM attacks via failure to abort TLS/DTLS handshakes when the server's RPK does not match the expected key despite the SSLVERIFYPEER verification mode being set...

6.3CVSS7.1AI score0.02439EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/02 5:38 p.m.14 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a man-in-the-middle attack in OpenSSL [CVE-2024-12797]

Summary IBM Watson Speech Services Cartridge is vulnerable to a man-in-the-middle attack in OpenSSL, caused by a failure to abort TLS/DTLS handshakes in RFC7250 Raw Public Key RPK authentication CVE-2024-12797. OpenSSL is used by our Speech runtimes. This vulnerabilitiy has been addressed. Please...

6.3CVSS6.8AI score0.02439EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2025/02/11 4:50 p.m.3 views

openssl: RFC7250 handshakes with unauthenticated servers don't abort as expected

A flaw was found in OpenSSL's RFC7250 Raw Public Key RPK authentication. This vulnerability allows man-in-the-middle MITM attacks via failure to abort TLS/DTLS handshakes when the server's RPK does not match the expected key despite the SSLVERIFYPEER verification mode being set...

6.3CVSS7.1AI score0.02439EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/02/11 3:57 p.m.2 views

CVE-2024-12797

A flaw was found in OpenSSL's RFC7250 Raw Public Key RPK authentication. This vulnerability allows man-in-the-middle MITM attacks via failure to abort TLS/DTLS handshakes when the server's RPK does not match the expected key despite the SSLVERIFYPEER verification mode being set. Mitigation...

7.4CVSS6AI score0.02439EPSS
Exploits0References3
Rows per page
Query Builder