Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-26 | CVE-2021-21373 | Improper Certificate Validation vulnerability in Nim-Lang NIM Nimble is a package manager for the Nim programming language. | 5.9 |
| 2021-03-25 | CVE-2021-3450 | Improper Certificate Validation vulnerability in multiple products The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. | 7.4 |
| 2021-03-24 | CVE-2021-1471 | Improper Certificate Validation vulnerability in Cisco Jabber Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a denial of service (DoS) condition. | 5.6 |
| 2021-03-15 | CVE-2021-28363 | Improper Certificate Validation vulnerability in multiple products The urllib3 library 1.26.x before 1.26.4 for Python omits SSL certificate validation in some cases involving HTTPS to HTTPS proxies. | 6.5 |
| 2021-03-10 | CVE-2020-15260 | Improper Certificate Validation vulnerability in Teluu Pjsip PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. | 6.8 |
| 2021-03-05 | CVE-2021-27098 | Improper Certificate Validation vulnerability in Cncf Spire In SPIRE 0.8.1 through 0.8.4 and before versions 0.9.4, 0.10.2, 0.11.3 and 0.12.1, specially crafted requests to the FetchX509SVID RPC of SPIRE Server’s Legacy Node API can result in the possible issuance of an X.509 certificate with a URI SAN for a SPIFFE ID that the agent is not authorized to distribute. | 8.1 |
| 2021-03-04 | CVE-2021-22189 | Improper Certificate Validation vulnerability in Gitlab Starting with version 13.7 the Gitlab CE/EE editions were affected by a security issue related to the validation of the certificates for the Fortinet OTP that could result in authentication issues. | 7.2 |
| 2021-02-27 | CVE-2020-35662 | Improper Certificate Validation vulnerability in multiple products In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated. | 7.4 |
| 2021-02-27 | CVE-2020-28972 | Improper Certificate Validation vulnerability in multiple products In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate. | 5.9 |
| 2021-02-25 | CVE-2021-3406 | Improper Certificate Validation vulnerability in multiple products A flaw was found in keylime 5.8.1 and older. | 9.8 |