CVE-2019-15522

Опубликовано: 20 мар. 2020

Источник: debian

EPSS Низкий

Описание

An issue was discovered in LINBIT csync2 through 2.0. csync_daemon_session in daemon.c neglects to force a failure of a hello command when the configuration requires use of SSL.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
csync2	fixed	2.0-25-gc0faaf9-1		package
csync2	fixed	2.0-22-gce67c55-1+deb10u1	buster	package
csync2	fixed	2.0-8-g175a01c-4+deb9u1	stretch	package
csync2	no-dsa		jessie	package

Примечания

https://github.com/LINBIT/csync2/pull/13/commits/0ecfc333da51575f188dd7cf6ac4974d13a800b1

EPSS

Процентиль: 66%

0.00521

Низкий

Связанные уязвимости

CVE-2019-15522

CVSS3: 9.8

ubuntu

почти 6 лет назад

An issue was discovered in LINBIT csync2 through 2.0. csync_daemon_session in daemon.c neglects to force a failure of a hello command when the configuration requires use of SSL.

CVE-2019-15522

CVSS3: 9.8

nvd

почти 6 лет назад

An issue was discovered in LINBIT csync2 through 2.0. csync_daemon_session in daemon.c neglects to force a failure of a hello command when the configuration requires use of SSL.

SUSE-SU-2021:14763-1

suse-cvrf

больше 4 лет назад

Security update for csync2

GHSA-384j-hgrr-qp35

github

больше 3 лет назад

An issue was discovered in LINBIT csync2 through 2.0. csync_daemon_session in daemon.c neglects to force a failure of a hello command when the configuration requires use of SSL.

openSUSE-SU-2021:0853-1

suse-cvrf

больше 4 лет назад

Security update for csync2

EPSS

Процентиль: 66%

0.00521

Низкий