Vulnerabilities > Improper Certificate Validation

DATE CVE VULNERABILITY TITLE RISK
2022-02-24 CVE-2021-44533 Improper Certificate Validation vulnerability in multiple products
Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly.
network
low complexity
nodejs oracle debian CWE-295
5.3
2022-02-24 CVE-2021-25636 Improper Certificate Validation vulnerability in multiple products
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid.
network
low complexity
libreoffice fedoraproject CWE-295
7.5
2022-02-24 CVE-2022-25638 Improper Certificate Validation vulnerability in Wolfssl
In wolfSSL before 5.2.0, certificate validation may be bypassed during attempted authentication by a TLS 1.3 client to a TLS 1.3 server.
network
low complexity
wolfssl CWE-295
6.5
2022-02-24 CVE-2022-25640 Improper Certificate Validation vulnerability in Wolfssl
In wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual authentication.
network
low complexity
wolfssl CWE-295
7.5
2022-02-22 CVE-2022-21654 Improper Certificate Validation vulnerability in Envoyproxy Envoy
Envoy is an open source edge and service proxy, designed for cloud-native applications.
network
low complexity
envoyproxy CWE-295
critical
9.8
2022-02-22 CVE-2022-21657 Improper Certificate Validation vulnerability in Envoyproxy Envoy
Envoy is an open source edge and service proxy, designed for cloud-native applications.
network
low complexity
envoyproxy CWE-295
6.5
2022-02-18 CVE-2021-29656 Improper Certificate Validation vulnerability in Pexip Infinity Connect
Pexip Infinity Connect before 1.8.0 mishandles TLS certificate validation.
network
low complexity
pexip CWE-295
critical
9.8
2022-02-18 CVE-2022-23649 Improper Certificate Validation vulnerability in Sigstore Cosign
Cosign provides container signing, verification, and storage in an OCI registry for the sigstore project.
local
low complexity
sigstore CWE-295
3.3
2022-02-17 CVE-2022-23632 Improper Certificate Validation vulnerability in multiple products
Traefik is an HTTP reverse proxy and load balancer.
network
low complexity
traefik oracle CWE-295
7.5
2022-02-16 CVE-2022-22885 Improper Certificate Validation vulnerability in Hutool 5.7.18
Hutool v5.7.18's HttpRequest was discovered to ignore all TLS/SSL certificate validation.
network
low complexity
hutool CWE-295
critical
9.8