Total
1158 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-44533 | 4 Debian, Nodejs, Oracle and 1 more | 14 Debian Linux, Node.js, Graalvm and 11 more | 2025-04-30 | 5.3 Medium |
| Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in order to inject a Common Name that would allow bypassing the certificate subject verification.Affected versions of Node.js that do not accept multi-value Relative Distinguished Names and are thus not vulnerable to such attacks themselves. However, third-party code that uses node's ambiguous presentation of certificate subjects may be vulnerable. | ||||
| CVE-2021-44532 | 4 Debian, Nodejs, Oracle and 1 more | 14 Debian Linux, Node.js, Graalvm and 11 more | 2025-04-30 | 5.3 Medium |
| Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names) to a string format. It uses this string to check peer certificates against hostnames when validating connections. The string format was subject to an injection vulnerability when name constraints were used within a certificate chain, allowing the bypass of these name constraints.Versions of Node.js with the fix for this escape SANs containing the problematic characters in order to prevent the injection. This behavior can be reverted through the --security-revert command-line option. | ||||
| CVE-2021-44531 | 3 Nodejs, Oracle, Redhat | 13 Node.js, Graalvm, Mysql Cluster and 10 more | 2025-04-30 | 7.4 High |
| Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 was accepting URI SAN types, which PKIs are often not defined to use. Additionally, when a protocol allows URI SANs, Node.js did not match the URI correctly.Versions of Node.js with the fix for this disable the URI SAN type when checking a certificate against a hostname. This behavior can be reverted through the --security-revert command-line option. | ||||
| CVE-2021-22939 | 6 Debian, Netapp, Nodejs and 3 more | 11 Debian Linux, Nextgen Api, Node.js and 8 more | 2025-04-30 | 5.3 Medium |
| If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted. | ||||
| CVE-2019-15604 | 5 Debian, Nodejs, Opensuse and 2 more | 12 Debian Linux, Node.js, Leap and 9 more | 2025-04-30 | 7.5 High |
| Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate | ||||
| CVE-2023-21358 | 1 Google | 1 Android | 2025-04-30 | 7.8 High |
| In UWB Google, there is a possible way for a malicious app to masquerade as system app com.android.uwb.resources due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2022-45391 | 1 Jenkins | 1 Ns-nd Integration Performance Publisher | 2025-04-30 | 7.5 High |
| Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and earlier globally and unconditionally disables SSL/TLS certificate and hostname validation for the entire Jenkins controller JVM. | ||||
| CVE-2022-38666 | 1 Jenkins | 1 Ns-nd Integration Performance Publisher | 2025-04-30 | 7.5 High |
| Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.146 and earlier unconditionally disables SSL/TLS certificate and hostname validation for several features. | ||||
| CVE-2022-42131 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2025-04-30 | 4.8 Medium |
| Certain Liferay products are affected by: Missing SSL Certificate Validation in the Dynamic Data Mapping module's REST data providers. This affects Liferay Portal 7.1.0 through 7.4.2 and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 17, and 7.3 before service pack 3. | ||||
| CVE-2024-0057 | 2 Microsoft, Redhat | 19 .net, .net Framework, Powershell and 16 more | 2025-04-30 | 9.1 Critical |
| NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability | ||||
| CVE-2025-28169 | 2025-04-29 | 8.1 High | ||
| BYD QIN PLUS DM-i Dilink OS v3.0_13.1.7.2204050.1 to v3.0_13.1.7.2312290.1_0 was discovered to cend broadcasts to the manufacturer's cloud server unencrypted, allowing attackers to execute a man-in-the-middle attack. | ||||
| CVE-2025-27820 | 2025-04-29 | 7.5 High | ||
| A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apache HttpClient team. Fixed in the 5.4.3 release | ||||
| CVE-2024-25141 | 1 Apache | 2 Airflow Mongo Provider, Apache-airflow-providers-mongo | 2025-04-28 | 9.1 Critical |
| When ssl was enabled for Mongo Hook, default settings included "allow_insecure" which caused that certificates were not validated. This was unexpected and undocumented. Users are recommended to upgrade to version 4.0.0, which fixes this issue. | ||||
| CVE-2022-43705 | 1 Botan Project | 1 Botan | 2025-04-25 | 9.1 Critical |
| In Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error. This issue was introduced in Botan 1.11.34 (November 2016). | ||||
| CVE-2021-40713 | 1 Adobe | 1 Experience Manager | 2025-04-23 | 5.9 Medium |
| Adobe Experience Manager version 6.5.9.0 (and earlier) is affected by a improper certificate validation vulnerability in the cold storage component. If an attacker can achieve a man in the middle when the cold server establishes a new certificate, they would be able to harvest sensitive information. | ||||
| CVE-2022-23632 | 2 Oracle, Traefik | 2 Communications Unified Inventory Management, Traefik | 2025-04-23 | 7.4 High |
| Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.6.1, Traefik skips the router transport layer security (TLS) configuration when the host header is a fully qualified domain name (FQDN). For a request, the TLS configuration choice can be different than the router choice, which implies the use of a wrong TLS configuration. When sending a request using FQDN handled by a router configured with a dedicated TLS configuration, the TLS configuration falls back to the default configuration that might not correspond to the configured one. If the CNAME flattening is enabled, the selected TLS configuration is the SNI one and the routing uses the CNAME value, so this can skip the expected TLS configuration. Version 2.6.1 contains a patch for this issue. As a workaround, one may add the FDQN to the host rule. However, there is no workaround if the CNAME flattening is enabled. | ||||
| CVE-2022-23649 | 1 Sigstore | 1 Cosign | 2025-04-23 | 3.3 Low |
| Cosign provides container signing, verification, and storage in an OCI registry for the sigstore project. Prior to version 1.5.2, Cosign can be manipulated to claim that an entry for a signature exists in the Rekor transparency log even if it doesn't. This requires the attacker to have pull and push permissions for the signature in OCI. This can happen with both standard signing with a keypair and "keyless signing" with Fulcio. If an attacker has access to the signature in OCI, they can manipulate cosign into believing the entry was stored in Rekor even though it wasn't. The vulnerability has been patched in v1.5.2 of Cosign. The `signature` in the `signedEntryTimestamp` provided by Rekor is now compared to the `signature` that is being verified. If these don't match, then an error is returned. If a valid bundle is copied to a different signature, verification should fail. Cosign output now only informs the user that certificates were verified if a certificate was in fact verified. There is currently no known workaround. | ||||
| CVE-2022-21656 | 1 Envoyproxy | 1 Envoy | 2025-04-23 | 7.4 High |
| Envoy is an open source edge and service proxy, designed for cloud-native applications. The default_validator.cc implementation used to implement the default certificate validation routines has a "type confusion" bug when processing subjectAltNames. This processing allows, for example, an rfc822Name or uniformResourceIndicator to be authenticated as a domain name. This confusion allows for the bypassing of nameConstraints, as processed by the underlying OpenSSL/BoringSSL implementation, exposing the possibility of impersonation of arbitrary servers. As a result Envoy will trust upstream certificates that should not be trusted. | ||||
| CVE-2022-21657 | 1 Envoyproxy | 1 Envoy | 2025-04-23 | 6.8 Medium |
| Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions Envoy does not restrict the set of certificates it accepts from the peer, either as a TLS client or a TLS server, to only those certificates that contain the necessary extendedKeyUsage (id-kp-serverAuth and id-kp-clientAuth, respectively). This means that a peer may present an e-mail certificate (e.g. id-kp-emailProtection), either as a leaf certificate or as a CA in the chain, and it will be accepted for TLS. This is particularly bad when combined with the issue described in pull request #630, in that it allows a Web PKI CA that is intended only for use with S/MIME, and thus exempted from audit or supervision, to issue TLS certificates that will be accepted by Envoy. As a result Envoy will trust upstream certificates that should not be trusted. There are no known workarounds to this issue. Users are advised to upgrade. | ||||
| CVE-2022-21654 | 2 Envoyproxy, Redhat | 2 Envoy, Service Mesh | 2025-04-23 | 7.4 High |
| Envoy is an open source edge and service proxy, designed for cloud-native applications. Envoy's tls allows re-use when some cert validation settings have changed from their default configuration. The only workaround for this issue is to ensure that default tls settings are used. Users are advised to upgrade. | ||||