GHSA-gq8m-rwgg-6vv3

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.1

Описание

libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default.

Ссылки

EPSS

Процентиль: 61%

0.00425

Низкий

8.1 High

CVSS3

CVE ID

CVE-2017-1000256

Дефекты

CWE-295

Связанные уязвимости

CVE-2017-1000256

CVSS3: 8.1

ubuntu

больше 7 лет назад

libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default.

CVE-2017-1000256

CVSS3: 5

redhat

больше 7 лет назад

libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default.

CVE-2017-1000256

CVSS3: 8.1

nvd

больше 7 лет назад

libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default.

CVE-2017-1000256

CVSS3: 8.1

msrc

почти 5 лет назад

Описание отсутствует

CVE-2017-1000256

CVSS3: 8.1

debian

больше 7 лет назад

libvirt version 2.3.0 and later is vulnerable to a bad default configu ...

EPSS

Процентиль: 61%

0.00425

Низкий

8.1 High

CVSS3

CVE ID

CVE-2017-1000256

Дефекты

CWE-295