Описание
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server certificate, as demonstrated by "*.com."
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | see note |
| devel | not-affected | see note |
| esm-infra-legacy/trusty | not-affected | see note |
| esm-infra/xenial | not-affected | see note |
| precise/esm | not-affected | see note |
| trusty | not-affected | see note |
| trusty/esm | not-affected | see note |
| upstream | needs-triage | |
| xenial | not-affected | see note |
Показывать по
EPSS
6.8 Medium
CVSS2
8.1 High
CVSS3
Связанные уязвимости
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server certificate, as demonstrated by "*.com."
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30 ...
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server certificate, as demonstrated by "*.com."
EPSS
6.8 Medium
CVSS2
8.1 High
CVSS3