Lucene search
+L

727 matches found

RedHat Linux
RedHat Linux
added 2026/04/30 3:33 a.m.7 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.8AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/04/30 3:29 a.m.25 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.8AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/04/30 3:29 a.m.19 views

Important: Red Hat Security Advisory: runc security update

An update for runc is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

10CVSS7.2AI score0.01945EPSS
Exploits3References5
RedHat Linux
RedHat Linux
added 2026/04/30 3:1 a.m.8 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.8AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/04/29 2:31 p.m.11 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.8AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 a.m.11 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.8AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/04/29 4:17 a.m.20 views

Moderate: Red Hat Security Advisory: Red Hat OpenStack Services on OpenShift 18.0.18 (golang-github-openstack-k8s-operators-os-diff) security update

An update for golang-github-openstack-k8s-operators-os-diff is now available for Red Hat OpenStack Services on OpenShift 18.0.18 Antelope. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

10CVSS7AI score0.00765EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.15 views

RHEL 9 : Red Hat OpenStack Services on OpenShift 18.0.18 (golang-github-openstack-k8s-operators-os-diff) (RHSA-2026:7885)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:7885 advisory. Security Fixes: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload CVE-2025-65637 Unexpected session resumption ...

10CVSS7.3AI score0.00765EPSS
Exploits2References7
OSV
OSV
added 2026/04/21 12:40 a.m.21 views

CLEANSTART-2026-AF45008 When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers

Multiple security vulnerabilities affect the nginx package. When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. See references for individual vulnerabili...

9.8CVSS7.1AI score0.99999EPSS
Exploits44References33
RedHat Linux
RedHat Linux
added 2026/04/20 8:4 p.m.7 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS7.3AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/04/20 7:56 p.m.5 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS7.3AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/04/20 6:55 p.m.14 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.6AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/04/20 6:55 p.m.10 views

Important: Red Hat Security Advisory: skopeo security update

An update for skopeo is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

10CVSS6.9AI score0.01945EPSS
Exploits3References5
RedHat Linux
RedHat Linux
added 2026/04/20 6:53 p.m.22 views

Important: Red Hat Security Advisory: runc security update

An update for runc is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

10CVSS6.9AI score0.01945EPSS
Exploits3References5
RedHat Linux
RedHat Linux
added 2026/04/20 6:53 p.m.10 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.6AI score0.00765EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/04/20 12:0 a.m.7 views

RHEL 9 : skopeo (RHSA-2026:9098)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:9098 advisory. The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and...

10CVSS7AI score0.01945EPSS
Exploits3References10
Tenable Nessus
Tenable Nessus
added 2026/04/20 12:0 a.m.5 views

RHEL 9 : gvisor-tap-vsock (RHSA-2026:9108)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:9108 advisory. A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsoc...

10CVSS7AI score0.01945EPSS
Exploits3References10
OSV
OSV
added 2026/04/16 12:46 a.m.37 views

CLEANSTART-2026-IY92636 During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ...

Multiple security vulnerabilities affect the percona-xtradb-cluster-operator package. During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it...

9.8CVSS7.2AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/04/13 12:51 p.m.4 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.7AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/04/10 2:24 p.m.2 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.9AI score0.00765EPSS
Exploits1References8
Rows per page
Query Builder