Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3
CVE-2020-7041
- EPSS 1.79%
- Veröffentlicht 27.02.2020 18:15:11
- Zuletzt bearbeitet 21.11.2024 05:36:32
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because an X509_check_host negative error code is interpreted as a successful return value.
5.3
CVE-2020-7042
- EPSS 0.84%
- Veröffentlicht 27.02.2020 18:15:11
- Zuletzt bearbeitet 21.11.2024 05:36:32
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because the hostname check operates on uninitialized memory. The outcome is that a valid certificate is never accepted (o...
9.1
CVE-2020-7043
- EPSS 0.64%
- Veröffentlicht 27.02.2020 18:15:11
- Zuletzt bearbeitet 21.11.2024 05:36:32
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do not consider '\0' characters, as demonstrated by a good.example.com\x00evil.example.com att...
1