Lucene search
K

29 matches found

curl security advisories
curl security advisories
added 2024/03/27 8:0 a.m.9 views

QUIC certificate check bypass with wolfSSL

libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems...

6.3CVSS6.6AI score0.01709EPSS
Exploits1References1Affected Software2
Debian CVE
Debian CVE
added 2024/03/27 7:56 a.m.54 views

CVE-2024-2379

libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems...

6.3CVSS6.2AI score0.01709EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2024/03/27 7:56 a.m.28 views

CVE-2024-2379

libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems...

6.3CVSS7.3AI score0.01709EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.6 views

SUSE CVE-2013-2145

The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/...

4.4CVSS7.8AI score0.00557EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2013/10/06 12:0 a.m.28 views

GLSA-201310-01 : Perl Module-Signature module: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-201310-01 Perl Module-Signature module: Arbitrary code execution The cpansign verify command will automatically download keys and use them to check the signature of CPAN packages via the SIGNATURE file. If an attacker were to...

4.4CVSS6.2AI score0.00557EPSS
Exploits1References2
Prion
Prion
added 2013/08/19 11:55 p.m.13 views

Design/Logic Flaw

The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/...

4.4CVSS7.8AI score0.00557EPSS
Exploits1References8Affected Software2
Cvelist
Cvelist
added 2013/08/19 11:0 p.m.31 views

CVE-2013-2145

The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/...

7.1AI score0.00557EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2013/08/19 11:0 p.m.76 views

CVE-2013-2145

The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/...

4.4CVSS7.2AI score0.00557EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2013/06/06 12:0 a.m.22 views

CVE-2013-2145

The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/...

4.4CVSS5.9AI score0.00557EPSS
Exploits1References3
Rows per page
Query Builder