Lucene search
+L

10 matches found

euvd
euvd
added 2026/06/26 12:32 a.m.8 views

EUVD-2026-39578

OCSP CertID serial-number length-confusion in wolfSSLOCSPrespfindstatus allows a same-issuer SingleResponse whose serial is a prefix of the target serial to be reported as the revocation status of a different certificate. The lookup compared serial-number bytes without first requiring the two...

6.3CVSS5.8AI score0.00121EPSS
Exploits0References3
osv
osv
added 2026/06/25 10:16 p.m.8 views

UBUNTU-CVE-2026-10098

OCSP CertID serial-number length-confusion in wolfSSLOCSPrespfindstatus allows a same-issuer SingleResponse whose serial is a prefix of the target serial to be reported as the revocation status of a different certificate. The lookup compared serial-number bytes without first requiring the two...

6.3CVSS5.8AI score0.00121EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/06/25 9:16 p.m.7 views

CVE-2026-10098

OCSP CertID serial-number length-confusion in wolfSSLOCSPrespfindstatus allows a same-issuer SingleResponse whose serial is a prefix of the target serial to be reported as the revocation status of a different certificate. The lookup compared serial-number bytes without first requiring the two...

6.3CVSS5.8AI score0.00121EPSS
Exploits0References3Affected Software1
cve
cve
added 2026/06/25 9:16 p.m.20 views

CVE-2026-10098

CVE-2026-10098: In wolfSSL_OCSP_resp_find_status, OCSP CertID serial-number length-confusion allows a same-issuer SingleResponse whose serial is a prefix of the target’s to be reported as the status of another certificate. The vulnerability arises because the lookup compares serial-number bytes w...

6.3CVSS5.8AI score0.00121EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/06/25 9:16 p.m.27 views

CVE-2026-10098 OCSP CertID serial-number length-confusion in wolfSSL_OCSP_resp_find_status

OCSP CertID serial-number length-confusion in wolfSSLOCSPrespfindstatus allows a same-issuer SingleResponse whose serial is a prefix of the target serial to be reported as the revocation status of a different certificate. The lookup compared serial-number bytes without first requiring the two...

6.3CVSS0.00121EPSS
Exploits0References2
alpinelinux
alpinelinux
added 2026/06/25 9:16 p.m.6 views

CVE-2026-10098

OCSP CertID serial-number length-confusion in wolfSSLOCSPrespfindstatus allows a same-issuer SingleResponse whose serial is a prefix of the target serial to be reported as the revocation status of a different certificate. The lookup compared serial-number bytes without first requiring the two...

6.3CVSS5.8AI score0.00121EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.34 views

PT-2026-52590

Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description A length-confusion issue exists in the wolfSSL OCSP resp find status function. The lookup process compares serial-number bytes without verifying that the two serial numbers are of equal lengt...

6.3CVSS5.8AI score0.00121EPSS
Exploits0References6
cnnvd
cnnvd
added 2023/10/09 12:0 a.m.2 views

Micronaut Security Access Control Error Vulnerability

Micronaut Security is a Micronaut Framework open source application security solution. Micronaut Security versions 3.11.0 to 3.11.1 , 3.10.0 to 3.10.2 , 3.9.0 to 3.9.6 , 3.8.0 to 3.8.4 , 3.7.0 to 3.7.4 , 3.6.0 to 3.6.6 , 3.5.0 to 3.5.3 , 3.4.0 to 3.4.3 An access control error vulnerability exists...

6.5CVSS6.7AI score0.0045EPSS
Exploits1References3
osv
osv
added 2023/10/05 8:55 p.m.6 views

GHSA-QW22-8W9R-864H io.micronaut.security:micronaut-security-oauth2 has invalid IdTokenClaimsValidator logic on aud

Summary IdTokenClaimsValidator skips aud claim validation if token is issued by same identity issuer/provider. Details See https://github.com/micronaut-projects/micronaut-security/blob/master/security-oauth2/src/main/java/io/micronaut/security/oauth2/client/IdTokenClaimsValidator.javaL202 This...

6.5CVSS5.8AI score0.0045EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2023/10/05 12:0 a.m.7 views

PT-2023-25712 · Micronaut · Micronaut Security

Name of the Vulnerable Software and Affected Versions: Micronaut Security versions prior to 3.1.2 Micronaut Security versions prior to 3.2.4 Micronaut Security versions prior to 3.3.2 Micronaut Security versions prior to 3.4.3 Micronaut Security versions prior to 3.5.3 Micronaut Security versions...

6.5CVSS6.4AI score0.0045EPSS
Exploits1References8
Rows per page
Query Builder