2 matches found
CVE-2026-27134
A flaw was found in Strimzi. When using a custom Cluster or Clients Certificate Authority CA with a multistage CA chain, Strimzi incorrectly configures the trusted certificates for mutual Transport Layer Security mTLS authentication. This allows users with certificates signed by any CA in the cha...
CVE-2025-59530 quic-go has Client Crash Due to Premature HANDSHAKE_DONE Frame
quic-go is an implementation of the QUIC protocol in Go. In versions prior to 0.49.0, 0.54.1, and 0.55.0, a misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authenticatio...