Lucene search
Veracode Vulnerability DatabaseVERACODE:28890HistoryJan 04, 2021 - 11:30 p.m.
Insecure Logic Validation
2021-01-0423:30:15
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
0.001 Low
EPSS
Percentile
50.5%
csync2 does not securely validate a logic path within the application. The return value GNUTLS_E_WARNING_ALERT_RECEIVED of the gnutls_handshake() function is not properly validated as required by design of the API and would lead to unintended logic execution.
| CPE | Name | Operator | Version |
|---|---|---|---|
| csync2:stretch | eq | 2.0-8-g175a01c-4+deb9u1 | |
| csync2:edge | eq | 2.0-r2 | |
| csync2:3.14 | eq | 2.0-r2 |
Related
redhatcve
redhatcve
CVE-2019-15523
2022-05-20 22:51:56
debian
debian
[SECURITY] [DLA 2515-1] csync2 security update
2021-01-04 16:49:43
nessus
nessus
Debian DLA-2515-1 : csync2 security update
2021-01-05 00:00:00
openSUSE Security Update : csync2 (openSUSE-2021-853)
2021-06-10 00:00:00
SUSE SLES15 Security Update : csync2 (SUSE-SU-2021:1858-1)
2021-06-11 00:00:00
alpinelinux
alpinelinux
CVE-2019-15523
2020-12-30 21:15:12
ubuntucve
ubuntucve
CVE-2019-15523
2020-12-30 00:00:00
cvelist
cvelist
CVE-2019-15523
2020-12-30 20:04:16
cve
cve
CVE-2019-15523
2020-12-30 21:15:12
openvas
openvas
Debian: Security Advisory (DLA-2515-1)
2021-01-05 00:00:00
openSUSE: Security Advisory for csync2 (openSUSE-SU-2021:0853-1)
2021-06-08 00:00:00
osv
osv
csync2 - security update
2021-01-04 00:00:00
CVE-2019-15523
2020-12-30 21:15:12
nvd
nvd
CVE-2019-15523
2020-12-30 21:15:12
debiancve
debiancve
CVE-2019-15523
2020-12-30 21:15:12
prion
prion
Code injection
2020-12-30 21:15:00
suse
suse
Security update for csync2 (moderate)
2021-06-07 00:00:00