Количество 3
Количество 3
CVE-2015-5894
The X.509 certificate-trust implementation in Apple OS X before 10.11 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked certificate.
GHSA-77w5-p2v7-hh9q
The X.509 certificate-trust implementation in Apple OS X before 10.11 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked certificate.
BDU:2015-11645
Уязвимость операционной системы Mac OS X, позволяющая нарушителю проводить атаки типа "человек по середине"
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2015-5894 The X.509 certificate-trust implementation in Apple OS X before 10.11 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked certificate. | CVSS2: 4.3 | 0% Низкий | больше 10 лет назад |
| GHSA-77w5-p2v7-hh9q The X.509 certificate-trust implementation in Apple OS X before 10.11 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked certificate. | 0% Низкий | больше 3 лет назад | |
 | BDU:2015-11645 Уязвимость операционной системы Mac OS X, позволяющая нарушителю проводить атаки типа "человек по середине" | CVSS2: 4.3 | 0% Низкий | больше 10 лет назад |
Уязвимостей на страницу