108 matches found

RedHat Linux
added 2 days ago | 5 views

Important: Red Hat Security Advisory: ruby:2.5 security update

An update for the ruby:2.5 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

CVSS 7.6 | AI score 5.8 | EPSS 0.00813
Exploits: 0 | References: 3
RedHat Linux
added 3 days ago | 4 views

net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS

A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAP#starttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle (MITM) attacker can inject a predicted tagged OK response...

CVSS 7.6 | AI score 5.7 | EPSS 0.00324
Exploits: 0 | References: 12
RedHat Linux
added 3 days ago | 5 views

Important: Red Hat Security Advisory: ruby security update

An update for ruby is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 7.6 | AI score 5.8 | EPSS 0.00813
Exploits: 0 | References: 3
RedHat Linux
added 3 days ago | 6 views

net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS

A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAP#starttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle (MITM) attacker can inject a predicted tagged OK response...

CVSS 7.6 | AI score 5.7 | EPSS 0.00324
Exploits: 0 | References: 12
RedHat Linux
added 3 days ago | 6 views

Important: Red Hat Security Advisory: ruby:3.3 security update

An update for the ruby:3.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 7.6 | AI score 5.8 | EPSS 0.00813
Exploits: 0 | References: 4
RedHat Linux
added 3 days ago | 9 views

net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS

A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAP#starttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle (MITM) attacker can inject a predicted tagged OK response...

CVSS 7.6 | AI score 5.7 | EPSS 0.00324
Exploits: 0 | References: 12
Tenable Nessus
added 3 days ago | 5 views

RHEL 8 : ruby:2.5 (RHSA-2026:33514)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:33514 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

CVSS 7.6 | AI score 5.8 | EPSS 0.00813
Exploits: 0 | References: 6
Tenable Nessus
added 3 days ago | 3 views

RHEL 10 : ruby (RHSA-2026:33565)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:33565 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

CVSS 7.6 | AI score 5.8 | EPSS 0.00813
Exploits: 0 | References: 8
AlmaLinux
added 3 days ago | 4 views

Important: ruby:3.3 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses CVE-2026-42245 ruby/net-imap: ruby: Net::IMAP: IMAP Comman...

CVSS 7.6 | AI score 5.8 | EPSS 0.00813
Exploits: 0 | References: 8
NVD
added 2026/06/23 8:16 p.m. | 5 views

CVE-2026-53622

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.7.3, there is a critical vulnerability in Traefik's HTTP/3 QUIC TLS configuration selection that allows unauthenticated clients to bypass router-specific mTLS enforcement. When HTTP/3 is enabled on an entrypoint, the TLS handshake...

CVSS 10 | EPSS 0.0024
Exploits: 1 | References: 5
Cvelist
added 2026/06/23 7:12 p.m. | 35 views

CVE-2026-48491 Traefik: SNICheck ignores wildcard TLSOptions mappings, allowing domain-fronted mTLS bypass

Traefik is an HTTP reverse proxy and load balancer. From 3.7.0 until 3.7.3, there is a high severity vulnerability in Traefik's domain-fronting protection SNICheck that allows an unauthenticated client to bypass mutual TLS enforced through wildcard router TLSOptions. When a router uses a wildcard...

CVSS 7.8 | EPSS 0.00245
Exploits: 1 | References: 2
Vulnrichment
added 2026/06/23 7:12 p.m. | 4 views

CVE-2026-48491 Traefik: SNICheck ignores wildcard TLSOptions mappings, allowing domain-fronted mTLS bypass

Traefik is an HTTP reverse proxy and load balancer. From 3.7.0 until 3.7.3, there is a high severity vulnerability in Traefik's domain-fronting protection SNICheck that allows an unauthenticated client to bypass mutual TLS enforced through wildcard router TLSOptions. When a router uses a wildcard...

CVSS 7.8 | AI score 5.9 | EPSS 0.00245
Exploits: 1 | References: 2
CVE
added 2026/06/23 7:12 p.m. | 8 views

CVE-2026-48491

CVE-2026-48491 (Traefik) describes a high-severity vulnerability in Traefik 3.7.0–3.7.3 where SNICheck ignores wildcard TLSOptions mappings. An unauthenticated client can complete a TLS handshake with a permissive SNI on the same entrypoint and then send a Host header targeting a wildcard-protect...

CVSS 10 | AI score 5.9 | EPSS 0.00245
Exploits: 1 | References: 5 | Affected Software: 1
Tenable Nessus
added 2026/06/22 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2026-54275

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, the server_hostname TLS SNI check can be bypassed when an existi...

CVSS 7.5 | AI score 5.8 | EPSS 0.00266
Exploits: 0 | References: 3
AstraLinux
added 2026/06/19 11:10 a.m. | 5 views

Astra Linux – Vulnerability in curl

A user can specify that curl >= 7.20.0 and <= 7.78.0 requires a successful upgrade to TLS when communicating with IMAP, POP3, or FTP servers. This is achieved by using the --ssl-reqd option on the command line, or setting CURLOPT_USE_SSL to CURLUSESSL_CONTROL or CURLUSESSL_ALL with libcurl. This...

CVSS 7.5 | AI score 6.5 | EPSS 0.04224
Exploits: 1 | References: 2
Patchstack
added 2026/06/18 2:28 p.m. | 6 views

NPM: undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgent

NPM: undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgent vulnerability discovered by ? in WordPress Npm undici versions = 7.23.0, 7.28.0...

CVSS 7.4 | AI score 6.4 | EPSS 0.00375
Exploits: 0 | References: 4 | Affected Software: 1
CVE
added 2026/06/17 4:46 p.m. | 61 views

CVE-2026-9697

undici’s ProxyAgent drops the requestTls option when used with a SOCKS5 proxy (socks5:// or socks://), causing the HTTPS connection to rely on Node’s default trust store and ignore user-provided ca, cert, key, rejectUnauthorized, and servername. This allows any cert signed by a publicly trusted C...

CVSS 7.4 | AI score 5.4 | EPSS 0.00375
Exploits: 0 | References: 9 | Affected Software: 1
Github Security Blog
added 2026/06/16 7:2 p.m. | 69 views

Traefik: SNICheck ignores wildcard TLSOptions mappings, allowing domain-fronted mTLS bypass

Summary: There is a high severity vulnerability in Traefik's domain-fronting protection SNICheck that allows an unauthenticated client to bypass mutual TLS enforced through wildcard router TLSOptions. When a router uses a wildcard host rule such as Host.example.com with stricter TLS options for...

CVSS 10 | AI score 5.1 | EPSS 0.00245
Exploits: 1 | References: 3 | Affected Software: 1
Cvelist
added 2026/06/16 3:42 p.m. | 24 views

CVE-2025-71261 Harvester's SUSE Virtualization Registration Client Vulnerable to MITM and DOS

An attacker with network-level access between the SUSE Virtualization and Rancher Manager in SUSE Harvester before 1.8.0 could interfere with the TLS handshake and abuse it to bypass TLS as a security control...

CVSS 8.6 | EPSS 0.00208
Exploits: 0 | References: 1
Amazon
added 2026/06/08 12:0 a.m. | 8 views

Important: ruby4.0

Issue Overview: Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middle attacker can cause Net::IMAP#starttls to return "successfully", without starting TLS. This issue has been patched in...

CVSS 9.8 | AI score 5.4 | EPSS 0.00813
Exploits: 0