Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
LinbitCsync2

2 matches found

CVE
CVEadded 2020/03/20 8:24 p.m.251 views

CVE-2019-15522

CVE-2019-15522 affects LINBIT csync2 up to 2.0. The issue: in csync_daemon_session (daemon.c) the daemon does not enforce TLS when SSL is required, allowing hello commands to succeed despite TLS requirements. Documented fixes across multiple vendors/distributions (SUSE/OpenSUSE OSV entries and SU...

9.8CVSS9.2AI score0.00518EPSS
CVE
CVEadded 2020/12/30 8:4 p.m.197 views

CVE-2019-15523

CVE-2019-15523 affects LINBIT csync2 up to version 2.0. The issue stems from not correctly checking the GNUTLS_E_WARNING_ALERT_RECEIVED return value from gnutls_handshake() and failing to call it again as required by the API design, which may lead to improper TLS handling. Publicly documented imp...

5.3CVSS5.3AI score0.00666EPSS