Lucene search
GoogleOSV:RUSTSEC-2017-0003HistoryMar 15, 2017 - 12:00 p.m.
Hostname verification skipped when custom root certs used
2017-03-1512:00:00
Google
osv.dev
8
EPSS
0.001
Percentile
35.9%
If custom root certificates were registered with a ClientBuilder, the
hostname of the target server would not be validated against its presented leaf
certificate.
This issue was fixed by properly configuring the trust evaluation logic to
perform that check.
Related
debiancve
debiancve
CVE-2017-18588
2019-08-26 18:15:11
github
github
Improper Certificate Validation in security-framework
2021-08-25 20:42:59
ubuntucve
ubuntucve
CVE-2017-18588
2019-08-26 00:00:00
prion
prion
Design/Logic Flaw
2019-08-26 18:15:00
rustsec
rustsec
Hostname verification skipped when custom root certs used
2017-03-15 12:00:00
osv
osv
Improper Certificate Validation in security-framework
2021-08-25 20:42:59
CVE-2017-18588
2019-08-26 18:15:11
cvelist
cvelist
CVE-2017-18588
2019-08-26 17:18:39
nvd
nvd
CVE-2017-18588
2019-08-26 18:15:11
cve
cve
CVE-2017-18588
2019-08-26 18:15:11