EUVD-2022-40749

Malicious code in bioql PyPI...

CVE-2022-25638

In wolfSSL before 5.2.0, certificate validation may be bypassed during attempted authentication by a TLS 1.3 client to a TLS 1.3 server. This occurs when the sigalgo field differs between the certificateverify message and the certificate message...

CBL Mariner 2.0 Security Update: hvloader (CVE-2024-45159)

The version of hvloader installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45159 advisory. - An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional...

PT-2023-25848 · Wolfssl · Wolfssl

Name of the Vulnerable Software and Affected Versions: wolfSSL affected versions not specified Description: When a TLS 1.3 client connects to a malicious server without receiving a PSK pre shared key extension or a KSE key share extension, it uses a default predictable buffer for the IKM Input...

Citrix ADC: TLS 1.3 is not working if enabled through SSL profile

ADC: TLS 1.3 is not working if enabled through SSL profile. When enabled on vserver SSL parameters it works...