Lucene search
K

15 matches found

F5 Networks
F5 Networks
added 2024/06/18 8:11 p.m.32 views

K000140042: libldap vulnerability CVE-2020-15719

Security Advisory Description libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName SAN. This is fixed in, for example, openldap-2.4.46-10.el8 i...

4.2CVSS6.8AI score0.02417EPSS
Exploits0
Rosalinux
Rosalinux
added 2024/03/12 12:48 p.m.19 views

Advisory ROSA-SA-2024-2372

Software: openldap 2.4.46 OS: ROSA Virtualization 2.1 packageevrstring: openldap-2.4.46-10.el8.src.rpm CVE-ID: CVE-2020-15719 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: libldap in some third-party OpenLDAP packages has a certificate validation error when the third-party package asserts support for...

4.2CVSS7.3AI score0.02417EPSS
Exploits0
OSV
OSV
added 2024/03/06 11:2 a.m.45 views

BIT-OPENLDAP-2020-15719

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName SAN. This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux...

4.2CVSS4.2AI score0.02417EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2015:1298-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.2AI score0.01944EPSS
Exploits0References2
OSV
OSV
added 2020/09/25 7:24 a.m.3 views

SUSE-SU-2020:2581-1 Security update for openldap2

This update for openldap2 fixes the following issues: - bsc1174154 - CVE-2020-15719 - This resolves an issue with x509 SAN's falling back to CN validation in violation of rfc6125...

4.2CVSS4.6AI score0.02417EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/09/21 12:0 a.m.21 views

openSUSE Security Update : openldap2 (openSUSE-2020-1459)

This update for openldap2 fixes the following issues : - bsc1174154 - CVE-2020-15719 - This resolves an issue with x509 SAN's falling back to CN validation in violation of rfc6125. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptiv...

4.2CVSS6.8AI score0.02417EPSS
Exploits0References2
OSV
OSV
added 2020/09/19 12:21 p.m.2 views

OPENSUSE-SU-2020:1459-1 Security update for openldap2

This update for openldap2 fixes the following issues: - bsc1174154 - CVE-2020-15719 - This resolves an issue with x509 SAN's falling back to CN validation in violation of rfc6125. This update was imported from the SUSE:SLE-15:Update update project...

4.2CVSS4.4AI score0.02417EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2020/09/19 12:0 a.m.41 views

Security update for openldap2 (moderate)

openSUSE Security Update: Security update for openldap2 Announcement ID: openSUSE-SU-2020:1459-1 Rating: moderate References: 1174154 Cross-References: CVE-2020-15719 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for...

4.2CVSS4.6AI score0.02417EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2020/07/15 3:37 p.m.28 views

CVE-2020-15719

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName SAN. This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux...

4.2CVSS2.7AI score0.02417EPSS
Exploits0References4
NVD
NVD
added 2020/07/14 2:15 p.m.12 views

CVE-2020-15719

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName SAN. This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux...

4.2CVSS0.02417EPSS
Exploits0References7
Prion
Prion
added 2020/07/14 2:15 p.m.17 views

Design/Logic Flaw

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName SAN. This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux...

4CVSS4.4AI score0.02417EPSS
Exploits0References7Affected Software5
UbuntuCve
UbuntuCve
added 2020/07/14 2:15 p.m.19 views

CVE-2020-15719

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName SAN. This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux...

4.2CVSS6.8AI score0.02417EPSS
Exploits0References2
CVE
CVE
added 2020/07/14 1:47 p.m.460 views

CVE-2020-15719

CVE-2020-15719 affects libldap in certain third‑party OpenLDAP packages. A certificate‑validation flaw occurs when RFC6125 support is asserted: CN is considered valid even if SAN does not match. The issue is fixed in at least openldap-2.4.46-10.el8 (Red Hat Enterprise Linux). The connected docume...

4.2CVSS4.2AI score0.02417EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2020/07/14 1:47 p.m.17 views

CVE-2020-15719

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName SAN. This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux...

4.2CVSS4.5AI score0.02417EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/06/12 12:0 a.m.12 views

openSUSE Security Update : python-setuptools (openSUSE-2015-413)

Python-setup tools was updated to fix one security issues. The following vulnerability was fixed : - non-RFC6125-compliant host name matching - substring wildcard should not match IDNA prefix booc930189 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks i...

5.4AI score
Exploits0References1
Rows per page
Query Builder