3 matches found
CVE-2026-45388
CVE-2026-45388 affects OCaml-TLS before 2.1.0. The TLS 1.3 client path in handshake_client13.ml did not wire into validate_keyusage, allowing a certificate issued for non-server purposes (e.g., clientAuth, codeSigning, emailProtection) to impersonate a TLS server if the EKU/KeyUsage restrictions ...
EUVD-2025-203347
LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certificate validation in an integrated financial SDK. The SDK interfered with the application's network processing, causing server certificate verification to be disabled for a significant portion of netwo...
PT-2024-2663 · Libcurl +2 · Libcurl +2
Name of the Vulnerable Software and Affected Versions: libcurl affected versions not specified Description: The issue is related to the implementation of TLS protocols in libcurl, where the server certificate is not checked when connecting to a host specified as an IP address, when built to use...