Lucene search
K

6402 matches found

F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•45 views

K17529: NTP vulnerability CVE-2015-7703

Security Advisory Description The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of...

7.5CVSS7.5AI score0.03823EPSS
Exploits0Affected Software22
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•39 views

K17517: NTP vulnerability CVE-2015-7701

Security Advisory Description Memory leak in the CRYPTOASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service memory consumption. CVE-2015-7701 Impact An attacker could send packets tontpd that may, after several days of...

7.5CVSS7.8AI score0.06519EPSS
Exploits0Affected Software22
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•15 views

K05403841: BIG-IP and BIG-IQ improvements disclosed by Rapid7

Security Advisory Description BIG-IP and BIG-IQ improvements disclosed by Rapid7 Important : F5 recognizes these issues are security related. However, there is no known way to exploit these issues without first bypassing existing security controls using an unknown or undiscovered mechanism,...

7AI score
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•161 views

K02692210: BIG-IP virtual server with HTTP Explicit Proxy and/or SOCKS vulnerability CVE-2017-6157

Security Advisory Description BIG-IP virtual servers with a configuration using the HTTP Explicit Proxy functionality and/or SOCKS profile are vulnerable to an unauthenticated, remote attack that allows modification of BIG-IP system configuration, extraction of sensitive system files, and/or...

8.1CVSS8.9AI score0.04013EPSS
Exploits0Affected Software8
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•132 views

K01051452: NGINX Ingress Controller vulnerability CVE-2021-23055

Security Advisory Description The command line restriction that controls snippet use with NGINX Ingress Controller does not apply to Ingress objects. CVE-2021-23055 Impact An attacker with privileges to deploy Ingress resources can inject configuration snippets that may allow them to gain access ...

6.5CVSS6.8AI score0.00739EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•84 views

K17263: OpenSSH vulnerabilities CVE-2015-6563 and CVE-2015-6564

Security Advisory Description CVE-2015-6563 The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITORREQPAMINITCTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction...

7CVSS6.5AI score0.00599EPSS
Exploits0Affected Software21
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•45 views

K05016441: Oracle Java vulnerability CVE-2016-3508

Security Advisory Description Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500. CVE-2016-3508 Impact An attacker...

7.3AI score
Exploits0Affected Software24
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•89 views

K01112063: NGINX ngx_http_hls_module vulnerability CVE-2022-41743

Security Advisory Description NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngxhttphlsmodule that might allow a local attacker to corrupt NGINX worker memory, resulting in its crash or potential other impact using a specially crafted audio or video file. The issu...

7CVSS7.1AI score0.00214EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•42 views

K11932200: glibc vulnerability CVE-2019-1010023

Security Advisory Description GNU Libc current is affected by: Re-mapping current loaded libray with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ld...

8.8CVSS8.7AI score0.03069EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•51 views

K12896623: glibc vulnerability CVE-2018-1000001

Security Advisory Description In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. CVE-2018-1000001 Impact There is no impact; F5 products are not affect...

7.8CVSS8.5AI score0.13368EPSS
Exploits9
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•49 views

K02585438: MySQL vulnerabilities CVE-2019-2815, CVE-2019-2819, CVE-2019-2822, and CVE-2019-2826

Security Advisory Description CVE-2019-2815 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...

7.5CVSS5.6AI score0.02818EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•56 views

K03444640: MySQL vulnerabilities CVE-2019-2740, CVE-2019-2741, CVE-2019-2743, CVE-2019-2746, and CVE-2019-2747

Security Advisory Description CVE-2019-2740 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: XML. Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with...

6.5CVSS5.4AI score0.03972EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•65 views

K17118: Linux kernel vulnerability CVE-2015-2042

Security Advisory Description net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry. CVE-2015-204...

4.6CVSS6.8AI score0.00449EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•108 views

K17113: OpenSSH vulnerability CVE-2015-5600

Security Advisory Description The kbdintnextdevice function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a...

8.5CVSS6.7AI score0.09302EPSS
Exploits1Affected Software21
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•31 views

K17114: NTP vulnerability CVE-2015-5146

Security Advisory Description ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service service crash via a NULL byte i...

5.3CVSS6.5AI score0.04095EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•54 views

K01837042: Multiple Wireshark (tshark) vulnerabilities

Security Advisory Description CVE-2015-8711 epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash v...

7.1CVSS6.9AI score0.05488EPSS
Exploits5Affected Software20
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•29 views

K03585731: F5 secure shell vulnerability CVE-2020-5873

Security Advisory Description A user associated with the Resource Administrator role who has access to the secure copy scp utility but does not have access to Advanced Shell bash can execute arbitrary commands using a maliciously crafted scp request. CVE-2020-5873 Impact An authenticated user wit...

7.2CVSS6.9AI score0.01386EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•49 views

K9642: Samba vulnerability CVE-2008-1105

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of F5...

7.5CVSS9.2AI score0.69085EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•42 views

K75248350: QEMU vulnerability CVE-2016-1714

Security Advisory Description The 1 fwcfgwrite and 2 fwcfgread functions in hw/nvram/fwcfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAPSYSRAWIO privilege to cause a denial of service out-of-bounds read or write access...

8.1CVSS8.7AI score0.06085EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•47 views

K75910138: Python vulnerabilities CVE-2011-1521, CVE-2011-4940, CVE-2011-4944, CVE-2012-0845, and CVE-2012-1150

Security Advisory Description CVE-2011-1521 The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote attackers to obtain sensitive information or cause a denial of service...

6.4CVSS7AI score0.0562EPSS
Exploits7
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•26 views

K76594024: libidn vulnerability CVE-2017-14062

Security Advisory Description Integer overflow in the decodedigit function in punydecode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact. CVE-2017-14062 Impact This vulnerability may allow attackers to cause a denial of...

9.8CVSS8AI score0.03965EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•41 views

K54229563: Python vulnerability CVE-2010-3492

Security Advisory Description The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier...

5CVSS7.2AI score0.03627EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•42 views

K55225440: BIG-IP SOCKS proxy vulnerability CVE-2017-6148

Security Advisory Description Responses to SOCKS proxy requests made through the BIG-IP system may cause a disruption of service provided by the Traffic Management Microkernel TMM. The data plane is impacted and exposed only when a SOCKS proxy profile is attached to a virtual server. The control...

7.5CVSS7.7AI score0.01321EPSS
Exploits0Affected Software8
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•28 views

K60565503: OpenJDK vulnerability CVE-2005-1080

Security Advisory Description Directory traversal vulnerability in the Java Archive Tool Jar utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. dot dot in filenames in a .jar file. CVE-2005-1080 Impact There is no impact; F5...

5CVSS8.8AI score0.06717EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•983 views

K60499474: Apache Struts vulnerability CVE-2018-11776

Security Advisory Description Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when using results with no namespace and in same time, its upper actions have no or wildcard namespace. Same possibility when using url tag which doesn't have value and...

9.3CVSS9.2AI score0.99993EPSS
Exploits41
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•51 views

K53737506: Linux kernel vulnerability CVE-2019-19070

Security Advisory Description DISPUTED A memory leak in the spigpioprobe function in drivers/spi/spi-gpio.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering devmaddactionorreset failures, aka CID-d3b0ffa1d75d. NOTE: third parties...

7.8CVSS7.1AI score0.02848EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•67 views

K54082580: BIG-IP CGNAT LSN vulnerability CVE-2022-26517

Security Advisory Description When the BIG-IP CGNAT Large Scale NAT LSN pool is configured on a virtual server and packet filtering is enabled, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-26517 For more information about packet filters, refer to th...

7.5CVSS7.5AI score0.00764EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•146 views

K74843522: MySQL vulnerabilities CVE-2016-9843, CVE-2018-3133, CVE-2018-3137, CVE-2018-3143, and CVE-2018-3144

Security Advisory Description CVE-2016-9843 The crc32big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. CVE-2018-3133 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent:...

9.8CVSS7.1AI score0.05999EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•75 views

K67830124: Linux kernel ext3/ext4 file system vulnerability CVE-2020-14314

Security Advisory Description A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from...

5.5CVSS6.6AI score0.00356EPSS
Exploits0Affected Software15
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•30 views

K62201098: BADoS vulnerability CVE-2018-5526

Security Advisory Description Under certain conditions, Behavioral DoS BADoS protection may fail during an attack. CVE-2018-5526 Impact BADoS protection does not function as intended. Security Advisory Status F5 Product Development has assigned IDs 714350 and 714369 BIG-IP to this vulnerability. ...

6.5CVSS6.6AI score0.02025EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•42 views

K59448931: BIND vulnerability CVE-2017-3142

Security Advisory Description An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely o...

5.3CVSS6.6AI score0.05356EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•160 views

K53648360: Linux kernel vulnerability CVE-2022-27666

Security Advisory Description A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat...

7.8CVSS7.4AI score0.05524EPSS
Exploits2Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•31 views

K34893234: BIG-IP APM Appliance mode vulnerability CVE-2022-31473

Security Advisory Description When running in Appliance mode, an authenticated attacker may be able to bypass Appliance mode restrictions due to a directory traversal vulnerability in an undisclosed page within iApps. A successful exploit can allow the attacker to cross a security boundary...

7.7CVSS7AI score0.01768EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•133 views

K33101555: Nettle cryptography library vulnerability CVE-2021-20305

Security Advisory Description A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions GOST DSA, EDDSA & ECDSA result in the Elliptic Curve Cryptography point ECC multiply function being called with out-of-range scalers, possibly resulting in...

8.1CVSS6.8AI score0.01607EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•72 views

K18407453: Glib vulnerabilities CVE-2018-10767, CVE-2019-12450, and CVE-2019-19126

Security Advisory Description CVE-2018-10767 There is a stack-based buffer over-read in calling GLib in the function gxpsimagesguesscontenttype of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a ginputstreamread call. A crafted input will lead to a...

9.8CVSS6.6AI score0.02602EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•49 views

K17242: Linux kernel SCTP vulnerability CVE-2015-1421

Security Advisory Description Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service slab corruption and panic or possibly have unspecified other impact by triggering an INIT...

10CVSS7.1AI score0.09828EPSS
Exploits0Affected Software19
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•37 views

K17227: BIND vulnerability CVE-2015-5986

Security Advisory Description An incorrect boundary check in openpgpkey61.c can cause named to terminate due to a REQUIRE assertion failure. This defect can be deliberately exploited by an attacker who can provide a maliciously constructed response in answer to a query. CVE-2015-5986 Impact A...

7.1CVSS7.4AI score0.26071EPSS
Exploits0Affected Software19
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•61 views

K17235: PCRE library vulnerability CVE-2015-3210

Security Advisory Description Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^?P=B?P=B?J:?Pc?Pa?P=BWGXCREDITS/, a different vulnerability than CVE-2015-8384. CVE-2015-3210...

9.8CVSS9.2AI score0.09157EPSS
Exploits1Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•148 views

K15882: TLS1.x padding vulnerability CVE-2014-8730

Security Advisory Description Incorrect TLS padding may be accepted when terminating TLS 1.x CBC cipher connections. CVE-2014-8730 Impact Attackers may be able to calculate the plaintext of secure connections. Security Advisory Status F5 Product Development has assigned IDs 451218, 450804, and...

4.3CVSS7.6AI score0.1372EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•52 views

K15883: Net-SNMP vulnerability CVE-2012-2141

Security Advisory Description Array index error in the handlensExtendOutput2Table function in agent/mibgroup/agent/extend.c in Net-SNMP 5.7.1 allows remote authenticated users to cause a denial of service out-of-bounds read and snmpd crash via an SNMP GET request for an entry not in the extension...

3.5CVSS8.6AI score0.02167EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•39 views

K15865: Apache HTTP server vulnerability CVE-2012-4558

Security Advisory Description Multiple cross-site scripting XSS vulnerabilities in the balancerhandler function in the manager interface in modproxybalancer.c in the modproxybalancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject...

4.3CVSS5.9AI score0.22913EPSS
Exploits2Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•66 views

K15863: Libtiff vulnerabilities CVE-2012-1173 and CVE-2012-2088

Security Advisory Description CVE-2012-1173 Multiple integer overflows in tiffgetimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the 1 gtTileSeparate or 2 gtStripSeparate function, leading to a...

7.5CVSS9.3AI score0.06918EPSS
Exploits0Affected Software17
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•24 views

K13108: TCP Packet Filtering Weakness - CERT VU#464113

Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribing to email notifications regarding F5 products. Note : Versions that are not listed in this article have not been evaluated for vulnerability to this securit...

6.5AI score
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•53 views

K42842401: MySQL vulnerabilities CVE-2018-3145, CVE-2018-3155, CVE-2018-3156, CVE-2018-3161, and CVE-2018-3162

Security Advisory Description CVE-2018-3145 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Parser. Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protoco...

7.7CVSS6.7AI score0.03716EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•33 views

K13053402: TMM vulnerability CVE-2016-7468

Security Advisory Description An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4 devices with maliciously crafted network traffic. This vulnerability affects virtual servers associated with TCP profiles when the BIG-IP system's tm.tcpprogressive db...

5.9CVSS6.7AI score0.01766EPSS
Exploits0Affected Software10
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•37 views

K41900062: Linux kernel vulnerability CVE-2017-15127

Security Advisory Description A flaw was found in the hugetlbmcopyatomicpte function in mm/hugetlb.c in the Linux kernel before 4.13. A superfluous implicit page unlock for VMSHARED hugetlbfs mapping could trigger a local denial of service BUG. CVE-2017-15127 Impact There is no impact; F5 product...

5.5CVSS5.7AI score0.00379EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•23 views

K4232: BIND version 8.4.4 and 8.4.5 vulnerability CAN-2005-0033

Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F5...

5CVSS7.2AI score0.11448EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•44 views

K4207: Buffer overflow in mod_include - CAN-2004-0940

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

6.2AI score
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•51 views

K32734107: BIG-IP APM vulnerability CVE-2021-23052

Security Advisory Description An open redirect vulnerability exists on virtual servers enabled with a BIG-IP APM access policy. This vulnerability allows an unauthenticated malicious user to build an open redirect URI. CVE-2021-23052 Impact An unauthenticated attacker can create an open redirect...

6.1CVSS6.1AI score0.00581EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•33 views

K30446705: GnuTLS vulnerability CVE-2020-13777

Security Advisory Description GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3. The earliest affected version is 3.6.4 2018-09-24 because of an error in a 2018-09-18 commit. Until t...

7.4CVSS7.6AI score0.17507EPSS
Exploits3
Total number of security vulnerabilities6402