Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:28890
HistoryJan 04, 2021 - 11:30 p.m.

Insecure Logic Validation

2021-01-0423:30:15
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9

0.001 Low

EPSS

Percentile

50.5%

csync2 does not securely validate a logic path within the application. The return value GNUTLS_E_WARNING_ALERT_RECEIVED of the gnutls_handshake() function is not properly validated as required by design of the API and would lead to unintended logic execution.