Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-08 | CVE-2022-46153 | Improper Certificate Validation vulnerability in Traefik Traefik is an open source HTTP reverse proxy and load balancer. | 6.5 |
| 2022-11-27 | CVE-2022-43705 | Improper Certificate Validation vulnerability in Botan Project Botan In Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error. | 9.1 |
| 2022-11-15 | CVE-2022-38666 | Improper Certificate Validation vulnerability in Jenkins Ns-Nd Integration Performance Publisher Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.146 and earlier unconditionally disables SSL/TLS certificate and hostname validation for several features. | 7.5 |
| 2022-11-15 | CVE-2022-45391 | Improper Certificate Validation vulnerability in Jenkins Ns-Nd Integration Performance Publisher Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and earlier globally and unconditionally disables SSL/TLS certificate and hostname validation for the entire Jenkins controller JVM. | 7.5 |
| 2022-11-15 | CVE-2022-42131 | Improper Certificate Validation vulnerability in Liferay Digital Experience Platform and Liferay Portal Certain Liferay products are affected by: Missing SSL Certificate Validation in the Dynamic Data Mapping module's REST data providers. | 4.8 |
| 2022-11-04 | CVE-2022-20960 | Improper Certificate Validation vulnerability in Cisco Email Security Appliance A vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain TLS connections that are processed by an affected device. | 7.5 |
| 2022-11-04 | CVE-2022-33684 | Improper Certificate Validation vulnerability in Apache Pulsar The Apache Pulsar C++ Client does not verify peer TLS certificates when making HTTPS calls for the OAuth2.0 Client Credential Flow, even when tlsAllowInsecureConnection is disabled via configuration. | 8.1 |
| 2022-11-01 | CVE-2022-42813 | Improper Certificate Validation vulnerability in Apple products A certificate validation issue existed in the handling of WKWebView. | 9.8 |
| 2022-10-12 | CVE-2022-41316 | Improper Certificate Validation vulnerability in Hashicorp Vault HashiCorp Vault and Vault Enterprise’s TLS certificate auth method did not initially load the optionally configured CRL issued by the role's CA into memory on startup, resulting in the revocation list not being checked if the CRL has not yet been retrieved. | 5.3 |
| 2022-10-11 | CVE-2022-40147 | Improper Certificate Validation vulnerability in Siemens Industrial Edge Management A vulnerability has been identified in Industrial Edge Management (All versions < V1.5.1). | 7.4 |