3 matches found
ROS-20250710-09
A vulnerability in the Apache MINA Java network application framework is related to incorrect handling ofjq SSL/TLS closenotify messages, as a result of which the software does not close the connection and keeps the socket open, allowing the client to subsequently receive open socket messages...
Security Bulletin: Incorrect SSL/TLS handling in Remote Artifact Loader in IBM Business Process Manager Advanced and WebSphere Process Server
Summary IBM WebSphere Process Server and IBM Business Process Manager Advanced have a component "Remote Artifact Loader" RAL that allows access to artifacts contained in other applications. In remote access cases a HTTPS connection from the RAL client to the RAL server is established. This HTTPS...
USN-967-1: w3m vulnerability
Ludwig Nussel discovered w3m does not properly handle SSL/TLS certificates with NULL characters in the certificate name. An attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications. CVE-2010-2074...