21 matches found
EUVD-2017-11482
Malware in sbrugna...
EUVD-2017-17396
Malware in sbrugna...
EUVD-2022-26875
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2017-2299
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 make it very easy to accidentally misconfigure TLS trust. If you specify the sslca parameter...
The vulnerability of the tls_trust_file command in the SMTP client Msmtp and the POP3 client Mpop allows attackers to compromise the integrity, availability, and confidentiality of information.
The vulnerability of the tlstrustfile command in the SMTP client Msmtp and the POP3 client Mpop is related to incorrect authentication of the certificate’s authenticity. Exploiting this vulnerability allows a malicious actor to compromise the integrity, availability, and confidentiality of...
UBUNTU-CVE-2019-8337
In msmtp 1.8.2 and mpop 1.4.3, when tlstrustfile has its default configuration, certificate-verification results are not properly checked...
CVE-2019-8337
In msmtp 1.8.2 and mpop 1.4.3, when tlstrustfile has its default configuration, certificate-verification results are not properly checked...
Default configuration
In msmtp 1.8.2 and mpop 1.4.3, when tlstrustfile has its default configuration, certificate-verification results are not properly checked...
Elastic Kibana X-Pack 'CVE-2017-8445' TLS Trust Manager Bypass Vulnerability - Linux
Elastic Kibana with X-Pack is prone to a TLS Trust Manager bypass vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Elastic Kibana X-Pack 'CVE-2017-8445' TLS Trust Manager Bypass Vulnerability - Windows
Elastic Kibana with X-Pack is prone to a TLS Trust Manager bypass vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
DEBIAN-CVE-2017-2299
Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 make it very easy to accidentally misconfigure TLS trust. If you specify the sslca parameter but do not specify the sslcertsdir parameter, a default will be provided for the sslcertsdir that will trust certificates from any of the...
Design/Logic Flaw
Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 make it very easy to accidentally misconfigure TLS trust. If you specify the sslca parameter but do not specify the sslcertsdir parameter, a default will be provided for the sslcertsdir that will trust certificates from any of the...
CVE-2017-2299
Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 make it very easy to accidentally misconfigure TLS trust. If you specify the sslca parameter but do not specify the sslcertsdir parameter, a default will be provided for the sslcertsdir that will trust certificates from any of the...
CVE-2017-2299
Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 make it very easy to accidentally misconfigure TLS trust. If you specify the sslca parameter but do not specify the sslcertsdir parameter, a default will be provided for the sslcertsdir that will trust certificates from any of the...
CVE-2017-2299
Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 make it very easy to accidentally misconfigure TLS trust. If you specify the sslca parameter but do not specify the sslcertsdir parameter, a default will be provided for the sslcertsdir that will trust certificates from any of the...
CVE-2017-2299
Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 make it very easy to accidentally misconfigure TLS trust. If you specify the sslca parameter but do not specify the sslcertsdir parameter, a default will be provided for the sslcertsdir that will trust certificates from any of the...
CVE-2017-8445
An error was found in the X-Pack Security TLS trust manager for versions 5.0.0 to 5.5.1. If reloading the trust material fails the trust manager will be replaced with an instance that trusts all certificates. This could allow any node using any certificate to join a cluster. The proper behavior i...
Design/Logic Flaw
An error was found in the X-Pack Security TLS trust manager for versions 5.0.0 to 5.5.1. If reloading the trust material fails the trust manager will be replaced with an instance that trusts all certificates. This could allow any node using any certificate to join a cluster. The proper behavior i...
CVE-2017-8445
CVE-2017-8445 affects Elasticsearch X-Pack Security TLS trust manager in versions 5.0.0–5.5.1. If trust material reload fails, the trust manager can be replaced with an instance that trusts all certificates, potentially allowing any node using any certificate to join a cluster. The authenticated ...
CVE-2017-8445
An error was found in the X-Pack Security TLS trust manager for versions 5.0.0 to 5.5.1. If reloading the trust material fails the trust manager will be replaced with an instance that trusts all certificates. This could allow any node using any certificate to join a cluster. The proper behavior i...