
2028 matches found

Prion
added 2021/04/22 5:15 p.m., 20 views

Denial of service

HashiCorp Vault and Vault Enterprise 1.5.1 and newer, under certain circumstances, may exclude revoked but unexpired certificates from the CRL. Fixed in 1.5.8, 1.6.4, and 1.7.1...

CVSS 4.3, AI score 7.5, EPSS 0.00552
Exploits 0, References 1, Affected Software 1
CVE
added 2021/04/22 4:41 p.m., 67 views

CVE-2021-29653

CVE-2021-29653 affects HashiCorp Vault and Vault Enterprise versions starting from 1.5.1, where under certain circumstances revoked but unexpired certificates may be excluded from the Certificate Revocation List (CRL). This could impair revocation checks, depending on how the CRL is used by the V...

CVSS 7.5, AI score 7.5, EPSS 0.00552
Exploits 0, References 1, Affected Software 1
CNNVD
added 2021/04/22 12:0 a.m., 3 views

HashiCorp Vault Trust Management Issue Vulnerability

HashiCorp Vault is a private key access management tool from HashiCorp (USA). A security vulnerability exists in HashiCorp Vault and Vault Enterprise versions 1.5.1 and later, which stems from the ability to exclude revoked but unexpired certificates from the CRL...

CVSS 7.5, AI score 7.3, EPSS 0.00552
Exploits 0, References 3
Positive Technologies
added 2021/04/22 12:0 a.m., 3 views

PT-2021-18385 · Hashicorp · Hashicorp Vault +1

Name of the Vulnerable Software and Affected Versions: HashiCorp Vault and Vault Enterprise versions prior to 1.5.8; HashiCorp Vault and Vault Enterprise versions prior to 1.6.4; HashiCorp Vault and Vault Enterprise versions prior to 1.7.1. Description: The issue concerns the exclusion of revoked bu...

CVSS 7.5, AI score 7.5, EPSS 0.00552
Exploits 0, References 4
OpenVAS
added 2021/04/19 12:0 a.m., 31 views

SUSE: Security Advisory (SUSE-SU-2021:0681-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.2, AI score 7.6, EPSS 0.01738
Exploits 0, References 11
Tenable Nessus
added 2021/03/24 12:0 a.m., 28 views

openSUSE Security Update : grub2 (openSUSE-2021-462)

This update for grub2 fixes the following issues: grub2 implements the new 'SBAT' method for SHIM based secure boot revocation (bsc#1182057). - CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711) - CVE-2020-25647: Fixed an out-of-bound write in grub_usb_device_initialize (bsc#1177883) -...

CVSS 8.2, AI score 7.3, EPSS 0.01738
Exploits 0, References 16
RedHat Linux
added 2021/03/23 2:41 p.m., 1 views

pki-core: Unprivileged users can renew any certificate

A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity...

CVSS 8.1, AI score 6, EPSS 0.01187
Exploits 0, References 4
OSV
added 2021/03/22 11:5 a.m., 9 views

OPENSUSE-SU-2021:0462-1 Security update for grub2

This update for grub2 fixes the following issues: grub2 implements the new 'SBAT' method for SHIM based secure boot revocation (bsc#1182057). - CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711) - CVE-2020-25647: Fixed an out-of-bound write in grub_usb_device_initialize (bsc#1177883) -...

CVSS 8.2, AI score 7.8, EPSS 0.01738
Exploits 0, References 17
RedHat Linux
added 2021/03/15 1:37 p.m., 3 views

pki-core: Unprivileged users can renew any certificate

A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity...

CVSS 8.1, AI score 6, EPSS 0.01187
Exploits 0, References 4
OSV
added 2021/03/15 1:15 p.m., 0 views

UBUNTU-CVE-2021-20179

A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity...

CVSS 8.1, AI score 6.1, EPSS 0.01187
Exploits 0, References 4
OpenVAS
added 2021/03/12 12:0 a.m., 20 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-1645)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5, AI score 7.9, EPSS 0.09917
Exploits 2, References 2
CNNVD
added 2021/03/12 12:0 a.m., 3 views

pki-core Security Vulnerability

pki-core is a library that provides an API for PKI operations. A security vulnerability exists in pki-core, which can be exploited by an attacker to repeatedly update the corresponding certificate, as long as the certificate is not explicitly revoked...

CVSS 8.1, AI score 7, EPSS 0.01187
Exploits 0, References 21
Tenable Nessus
added 2021/03/11 12:0 a.m., 30 views

EulerOS Virtualization 2.9.0 : curl (EulerOS-SA-2021-1645)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match...

CVSS 7.5, AI score 6.8, EPSS 0.09917
Exploits 2, References 3
Tenable Nessus
added 2021/03/10 12:0 a.m., 43 views

EulerOS Virtualization 2.9.1 : curl (EulerOS-SA-2021-1596)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - Vulnerability Summary for CVE-2020-8169 (CVE-2020-8169) - Vulnerability Summary for CVE-2020-8177 (CVE-2020-8177) - Expired pointer...

CVSS 7.8, AI score 6.9, EPSS 0.09917
Exploits 5, References 6
OpenVAS
added 2021/03/05 12:0 a.m., 17 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-1548)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5, AI score 7.9, EPSS 0.09917
Exploits 2, References 2
Tenable Nessus
added 2021/03/04 12:0 a.m., 36 views

EulerOS Virtualization for ARM 64 3.0.6.0 : curl (EulerOS-SA-2021-1548)

According to the versions of the curl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verificatio...

CVSS 7.5, AI score 6.8, EPSS 0.09917
Exploits 2, References 3
Tenable Nessus
added 2021/03/03 12:0 a.m., 42 views

SUSE SLES15 Security Update : grub2 (SUSE-SU-2021:0685-1)

This update for grub2 fixes the following issues: grub2 now implements the new 'SBAT' method for SHIM based secure boot revocation (bsc#1182057). Following security issues are fixed that can violate secure boot constraints: CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711)...

CVSS 8.2, AI score 7.3, EPSS 0.01738
Exploits 0, References 23
Tenable Nessus
added 2021/03/03 12:0 a.m., 43 views

SUSE SLES12 Security Update : grub2 (SUSE-SU-2021:0682-1)

This update for grub2 fixes the following issues: grub2 now implements the new 'SBAT' method for SHIM based secure boot revocation (bsc#1182057). Following security issues are fixed that can violate secure boot constraints: CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711)...

CVSS 8.2, AI score 7.3, EPSS 0.01738
Exploits 0, References 23
Tenable Nessus
added 2021/03/03 12:0 a.m., 45 views

SUSE SLES12 Security Update : grub2 (SUSE-SU-2021:0681-1)

This update for grub2 fixes the following issues: grub2 now implements the new 'SBAT' method for SHIM based secure boot revocation (bsc#1182057). Following security issues are fixed that can violate secure boot constraints: CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711)...

CVSS 8.2, AI score 7.3, EPSS 0.01738
Exploits 0, References 23
OSV
added 2021/03/02 6:4 p.m., 12 views

SUSE-SU-2021:0682-1 Security update for grub2

This update for grub2 fixes the following issues: grub2 now implements the new 'SBAT' method for SHIM based secure boot revocation (bsc#1182057). Following security issues are fixed that can violate secure boot constraints: - CVE-2020-25632: Fixed a use-after-free in rmmod command (bsc#1176711) -...

CVSS 8.2, AI score 8, EPSS 0.01738
Exploits 0, References 16