Lucene search
K

8 matches found

F5 Networks
F5 Networks
added 2024/06/18 8:11 p.m.33 views

K000140042: libldap vulnerability CVE-2020-15719

Security Advisory Description libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName SAN. This is fixed in, for example, openldap-2.4.46-10.el8 i...

4.2CVSS6.8AI score0.02417EPSS
Exploits0
OSV
OSV
added 2024/03/06 11:2 a.m.45 views

BIT-OPENLDAP-2020-15719

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName SAN. This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux...

4.2CVSS4.2AI score0.02417EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2020/07/15 3:37 p.m.29 views

CVE-2020-15719

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName SAN. This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux...

4.2CVSS2.7AI score0.02417EPSS
Exploits0References4
NVD
NVD
added 2020/07/14 2:15 p.m.13 views

CVE-2020-15719

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName SAN. This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux...

4.2CVSS0.02417EPSS
Exploits0References7
Prion
Prion
added 2020/07/14 2:15 p.m.18 views

Design/Logic Flaw

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName SAN. This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux...

4CVSS4.4AI score0.02417EPSS
Exploits0References7Affected Software5
UbuntuCve
UbuntuCve
added 2020/07/14 2:15 p.m.19 views

CVE-2020-15719

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName SAN. This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux...

4.2CVSS6.8AI score0.02417EPSS
Exploits0References2
CVE
CVE
added 2020/07/14 1:47 p.m.462 views

CVE-2020-15719

CVE-2020-15719 affects libldap in certain third‑party OpenLDAP packages. A certificate‑validation flaw occurs when RFC6125 support is asserted: CN is considered valid even if SAN does not match. The issue is fixed in at least openldap-2.4.46-10.el8 (Red Hat Enterprise Linux). The connected docume...

4.2CVSS4.2AI score0.02417EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2020/07/14 1:47 p.m.17 views

CVE-2020-15719

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName SAN. This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux...

4.2CVSS4.5AI score0.02417EPSS
Exploits0
Rows per page
Query Builder