Lucene search
K

58 matches found

Github Security Blog
Github Security Blog
added 2025/12/03 4:27 p.m.8 views

step-ca Has Improper Authorization Check for SSH Certificate Revocation

Summary An authorized attacker can bypass authorization checks and revoke any SSH certificate issued by Step CA by using a valid revocation token. Details Step CA users can obtain SSH certificates from a few provisioners. The SSHPOP provisioner allows revocation of the SSH certificate preventing...

5CVSS6.4AI score0.00138EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2011-5021

Malware in sbrugna...

10CVSS6.4AI score0.01221EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-17964

Malware in sbrugna...

7.3CVSS7.4AI score0.00491EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-0040

Malicious code in bioql PyPI...

3.3CVSS6.8AI score0.00192EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/05/23 8:3 a.m.4 views

CVE-2024-51491

notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List CRL based revocation check feature. After retrieving the CRL, notation-go...

3.3CVSS3.9AI score0.00192EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 5:54 p.m.4 views

CVE-2020-25276

An issue was discovered in PrimeKey EJBCA 6.x and 7.x before 7.4.1. When using a client certificate to enroll over the EST protocol, no revocation check is performed on that certificate. This vulnerability can only affect a system that has EST configured, uses client certificates to authenticate...

7.3CVSS6.8AI score0.00491EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:7 p.m.7 views

CVE-2020-16228

In Patient Information Center iX PICiX Versions C.02 and C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX550, MX750, MX850, and IntelliVue X3 Versions N and prior, the software does not check or incorrectly checks the revocation status of a certificate...

6.4CVSS6.5AI score0.00371EPSS
Exploits0References1
OSV
OSV
added 2025/01/14 3:57 p.m.26 views

GO-2025-3381 notation-go's timestamp signature generation lacks certificate revocation check in github.com/notaryproject/notation-go

notation-go's timestamp signature generation lacks certificate revocation check in github.com/notaryproject/notation-go...

4CVSS4.3AI score0.0013EPSS
Exploits0References2
NVD
NVD
added 2025/01/13 10:15 p.m.15 views

CVE-2024-51491

notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List CRL based revocation check feature. After retrieving the CRL, notation-go...

3.3CVSS0.00192EPSS
Exploits1References3
CVE
CVE
added 2025/01/13 9:42 p.m.155 views

CVE-2024-51491

CVE-2024-51491 affects notation-go (CRL revocation cache). The root cause is CRL cache updates via os.Rename: when source and destination reside on different mount points, the operation can fail with EXDEV, causing a crash of notation and aborting signature verification. Affected component is crl...

3.3CVSS3.9AI score0.00192EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/13 9:42 p.m.25 views

CVE-2024-51491 Process crash during CRL-based revocation check on OS using separate mount point for temp Directory in notation-go

notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List CRL based revocation check feature. After retrieving the CRL, notation-go...

3.3CVSS6.9AI score0.00192EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/01/13 9:37 p.m.19 views

CVE-2024-56138 Timestamp signature generation lacks certificate revocation check in notion-go

notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. This issue was identified during Quarkslab's audit of the timestamp feature. During the timestamp signature generation, the revocation status of the certificates used to...

4CVSS6.6AI score0.0013EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/13 9:37 p.m.30 views

CVE-2024-56138 Timestamp signature generation lacks certificate revocation check in notion-go

notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. This issue was identified during Quarkslab's audit of the timestamp feature. During the timestamp signature generation, the revocation status of the certificates used to...

4CVSS0.0013EPSS
Exploits0References2
CVE
CVE
added 2025/01/13 9:37 p.m.278 views

CVE-2024-56138

CVE-2024-56138 affects notion-go, a library for signing/verifying OCI artifacts. The timestamp signature generation path did not verify the revocation status of certificates in the TSA chain, enabling a potential MITM-era countersignature that could be stored by notation and cause CI/CD signature...

4CVSS4.2AI score0.0013EPSS
Exploits0References2
OSV
OSV
added 2025/01/13 4:14 p.m.21 views

GHSA-45V3-38PC-874V notation-go's timestamp signature generation lacks certificate revocation check

This issue was identified during Quarkslab's audit of the timestamp feature. Summary During the timestamp signature generation, the revocation status of the certificates used to generate the timestamp signature was not verified. Details During timestamp signature generation, notation-go did not...

4CVSS4.1AI score0.0013EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/01/13 12:0 a.m.8 views

notion-go 安全漏洞

notion-go is a collection of libraries that support signing and verifying OCI artifacts for notaryproject individual developers. A security vulnerability exists in notion-go versions 1.2.0-beta.1 through 1.3.0-rc.1, which stems from a failure to validate the revocation status of a certificate whe...

4CVSS6.6AI score0.0013EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/04/17 3:5 p.m.5 views

Thunderbird: Revocation status of S/Mime recipient certificates was not checked

The Mozilla Foundation Security Advisory describes this flaw as: OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted. Thunderbird versions from 68 to 102.9.1 were affected by this bug...

6.5CVSS7.3AI score0.00372EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/04/17 2:10 p.m.5 views

Thunderbird: Revocation status of S/Mime recipient certificates was not checked

The Mozilla Foundation Security Advisory describes this flaw as: OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted. Thunderbird versions from 68 to 102.9.1 were affected by this bug...

6.5CVSS7.3AI score0.00372EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/04/17 2:4 p.m.6 views

Thunderbird: Revocation status of S/Mime recipient certificates was not checked

The Mozilla Foundation Security Advisory describes this flaw as: OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted. Thunderbird versions from 68 to 102.9.1 were affected by this bug...

6.5CVSS7.3AI score0.00372EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:29 a.m.3 views

SUSE CVE-2014-3250

The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4...

6.5CVSS6.7AI score0.00894EPSS
Exploits0References4
Rows per page
Query Builder