GHSA-f399-ff4w-62fm

Опубликовано: 22 сент. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS.

Ссылки

EPSS

Процентиль: 30%

0.00105

Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2022-37026

Дефекты

CWE-287

Связанные уязвимости

CVE-2022-37026

CVSS3: 9.8

ubuntu

почти 3 года назад

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS.

CVE-2022-37026

CVSS3: 9.4

redhat

почти 3 года назад

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS.

CVE-2022-37026

CVSS3: 9.8

nvd

почти 3 года назад

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS.

CVE-2022-37026

CVSS3: 9.8

debian

почти 3 года назад

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before ...

SUSE-SU-2023:4109-1

suse-cvrf

больше 1 года назад

Security update for erlang

EPSS

Процентиль: 30%

0.00105

Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2022-37026

Дефекты

CWE-287