exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2024-5814

около 1 года назад

A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello. https://doi.org/10.46586/tches.v2024.i1.457-500

EPSS: Низкий

CVE-2024-5814

около 1 года назад

A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello. https://doi.org/10.46586/tches.v2024.i1.457-500

EPSS: Низкий

CVE-2024-5814

12 месяцев назад

EPSS: Низкий

CVE-2024-5814

около 1 года назад

A malicious TLS1.2 server can force a TLS1.3 client with downgrade cap ...

EPSS: Низкий

GHSA-8cr7-x5g8-m3f3

около 1 года назад

A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello. https://doi.org/10.46586/tches.v2024.i1.457-500

EPSS: Низкий

BDU:2024-07277

больше 1 года назад

Уязвимость реализации протокола TLS библиотеки SSL/TLS WolfSSL, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

CVSS3: 5.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-5814 A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello. https://doi.org/10.46586/tches.v2024.i1.457-500		0% Низкий	около 1 года назад
CVE-2024-5814 A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello. https://doi.org/10.46586/tches.v2024.i1.457-500		0% Низкий	около 1 года назад
CVE-2024-5814		0% Низкий	12 месяцев назад
CVE-2024-5814 A malicious TLS1.2 server can force a TLS1.3 client with downgrade cap ...		0% Низкий	около 1 года назад
GHSA-8cr7-x5g8-m3f3 A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello. https://doi.org/10.46586/tches.v2024.i1.457-500		0% Низкий	около 1 года назад
BDU:2024-07277 Уязвимость реализации протокола TLS библиотеки SSL/TLS WolfSSL, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации	CVSS3: 5.3	0% Низкий	больше 1 года назад

Уязвимостей на страницу