CVE-2021-36377

Опубликовано: 12 июл. 2021

Источник: debian

EPSS Низкий

Описание

Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname check during TLS certificate validation.

Пакет	Статус	Версия исправления	Релиз	Тип
fossil	fixed	1:2.15.2-1		package
fossil	no-dsa		buster	package
fossil	no-dsa		stretch	package

https://fossil-scm.org/forum/forumpost/8d367e16f53d93c789d70bd3bf2c9587227bbd5c6a7b8e512cccd79007536036

EPSS

Процентиль: 29%

0.00105

Низкий

CVE-2021-36377

CVSS3: 7.5

ubuntu

больше 4 лет назад

Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname check during TLS certificate validation.

CVE-2021-36377

CVSS3: 7.5

nvd

больше 4 лет назад

Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname check during TLS certificate validation.

GHSA-4cqm-xv6v-78c5

github

больше 3 лет назад

Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname check during TLS certificate validation.

EPSS

Процентиль: 29%

0.00105

Низкий