Описание
Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | released | 2.23+dfsg1-1 |
| eoan | ignored | end of life |
| esm-apps/bionic | released | 2.21+dfsg1-1ubuntu0.1~esm1 |
| esm-apps/focal | released | 2.22+dfsg1-1ubuntu0.1~esm1 |
| esm-apps/jammy | released | 2.23+dfsg1-1 |
| esm-apps/noble | released | 2.23+dfsg1-1 |
| esm-apps/xenial | released | 2.20+dfsg1-2ubuntu0.1~esm1 |
| esm-infra-legacy/trusty | DNE | |
| focal | ignored | end of standard support, was needed |
Показывать по
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.
Alpine before 2.23 silently proceeds to use an insecure connection aft ...
Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.
5 Medium
CVSS2
7.5 High
CVSS3