Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2010-4237

Опубликовано: 29 сент. 2010
Источник: redhat
CVSS2: 4.3
EPSS Низкий

Описание

Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middle attack.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6mercurialWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=641373Mercurial: Doesn't verify subject Common Name

EPSS

Процентиль: 54%
0.00307
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2010-4237

CVSS3: 5.9
ubuntu
больше 6 лет назад

Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middle attack.

nvd логотип

CVE-2010-4237

CVSS3: 5.9
nvd
больше 6 лет назад

Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middle attack.

debian логотип

CVE-2010-4237

CVSS3: 5.9
debian
больше 6 лет назад

Mercurial before 1.6.4 fails to verify the Common Name field of SSL ce ...

github логотип

GHSA-7gf7-7wx4-mxmw

CVSS3: 5.9
github
почти 4 года назад

Mercurial Improper Certificate Validation vulnerability

EPSS

Процентиль: 54%
0.00307
Низкий

4.3 Medium

CVSS2