Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2021-36377 - log back

CVE-2021-36377 edited at 13 Jul 2021 11:07:42

Severity

-	Unknown
+	High

Remote

-	Unknown
+	Remote

Type

-	Unknown
+	Certificate verification bypass

Description

+	Fossil before version 2.15.2 often skips the hostname check during TLS certificate validation.

References

+	https://www.fossil-scm.org/forum/forumpost/8d367e16f53d93c789d70bd3bf2c9587227bbd5c6a7b8e512cccd79007536036
+	https://www.fossil-scm.org/home/info/aaab2a15d1dfc22f5453c2bad8f25ecf518ed3eef9a7fa6f4c5bd69ab4e4b075

Notes

CVE-2021-36377 created at 13 Jul 2021 11:04:02