Medium: nerdctl

Issue Overview: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not...

PT-2023-8999 · Snowflake · Snowflake-Connector-Net

Name of the Vulnerable Software and Affected Versions: Snowflake Connector .NET versions 2.0.25 through 2.1.4 Description: The issue is related to errors in the certificate authentication procedure, which may allow a remote attacker to perform a Man-in-the-Middle MitM attack. The vulnerability is...

CVE-2021-41973

In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed that the HTTP Header begins at the beginning of the buffer and loops if there is more data than expected. Please update MINA to 2.1.5 or greater...

Design/Logic Flaw

In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed that the HTTP Header begins at the beginning of the buffer and loops if there is more data than expected. Please update MINA to 2.1.5 or greater...