14 matches found
PT-2025-54579
Name of the Vulnerable Software and Affected Versions: Node.js version 24. Description: A memory leak exists in Node.js’s OpenSSL integration when converting X.509 certificate fields to UTF-8 without freeing the allocated buffer. Calling socket.getPeerCertificate(true) causes a memory leak for each...
RHEL 9 : perl-HTTP-Tiny (RHSA-2024:4430)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4430 advisory. HTTP::Tiny is a small and simple HTTP/1.1 client written in Perl. Security Fixes: http-tiny: insecure TLS cert default (CVE-2023-31486) For more detail...
Moderate: Red Hat Security Advisory: perl-HTTP-Tiny security update
An update for perl-HTTP-Tiny is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availab...
CVE-2024-2660 Vault TLS Cert Auth Method Did Not Correctly Validate OCSP Responses
Vault and Vault Enterprise TLS certificates auth method did not correctly validate OCSP responses when one or more OCSP sources were configured. This vulnerability, CVE-2024-2660, affects Vault and Vault Enterprise 1.14.0 and above, and is fixed in Vault 1.16.0 and Vault Enterprise 1.16.1, 1.15.7...
SUSE: Security Advisory (SUSE-SU-2023:2881-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
SUSE: Security Advisory (SUSE-SU-2023:2882-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Authentication flaw
Dex is an identity service that uses OpenID Connect to drive authentication for other apps. Dex 2.37.0 serves HTTPS with insecure TLS 1.0 and TLS 1.1. cmd/dex/serve.go line 425 seemingly sets TLS 1.2 as minimum version, but the whole tlsConfig is ignored after TLS cert reloader was introduced in...
ALSA-2023:7174 Moderate: perl-HTTP-Tiny security update
HTTP::Tiny is a small and simple HTTP/1.1 client written in Perl. Security Fixes: http-tiny: insecure TLS cert default (CVE-2023-31486) For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in th...
Moderate: perl-HTTP-Tiny security update
HTTP::Tiny is a small and simple HTTP/1.1 client written in Perl. Security Fixes: http-tiny: insecure TLS cert default (CVE-2023-31486) For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in th...
Moderate: perl-HTTP-Tiny security update
HTTP::Tiny is a small and simple HTTP/1.1 client written in Perl. Security Fixes: http-tiny: insecure TLS cert default (CVE-2023-31486) For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in th...
CVE-2022-32156 Splunk Enterprise and Universal Forwarder CLI connections lacked TLS cert validation
In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line interface (CLI) did not validate TLS certificates while connecting to a remote Splunk platform instance by default. After updating to version 9.0, see Configure TLS host name validation for the Splunk CLI...
U.S. Dept Of Defense: Apparent ██████████ website is publicly exposed, suggests default account details on page and has expired SSL/TLS cert
Summary: Publicly exposed website ███████ offering default login user/pass with expired SSL Description: https://██████/ is branded as '████' with ██████ branding/logo and links to ██████ homepage, defense.gov & @DeptofDefense Twitter account Impact Publicly exposed service with potentially defau...
Hyperfox - HTTP/HTTPs MITM proxy and traffic recorder with on-the-fly TLS cert generation
Hyperfox is a security tool for proxying and recording HTTP and HTTPs communications on a LAN. Hyperfox is capable of forging SSL certificates on the fly if you provide it with a root CA certificate and its corresponding key. If the target machine recognizes the root CA as trusted, then HTTPs...
SUSE-SU-2015:1208-1 Security update for python-keystoneclient
The python-keystoneclient was updated to fix one security issue. The following vulnerability was fixed: - bsc#928205: S3Token TLS cert verification option not honored (CVE-2015-1852)...