Описание
An issue was discovered in the security-framework crate before 0.1.12 for Rust. Hostname verification for certificates does not occur if ClientBuilder uses custom root certificates.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| rust-security-framework-sys | not-affected | package |
Примечания
https://rustsec.org/advisories/RUSTSEC-2017-0003.html
EPSS
Процентиль: 29%
0.00104
Низкий
Связанные уязвимости
CVSS3: 5.3
ubuntu
больше 6 лет назад
An issue was discovered in the security-framework crate before 0.1.12 for Rust. Hostname verification for certificates does not occur if ClientBuilder uses custom root certificates.
CVSS3: 5.3
nvd
больше 6 лет назад
An issue was discovered in the security-framework crate before 0.1.12 for Rust. Hostname verification for certificates does not occur if ClientBuilder uses custom root certificates.
CVSS3: 5.3
github
больше 4 лет назад
Improper Certificate Validation in security-framework
EPSS
Процентиль: 29%
0.00104
Низкий