f5 openssl vulnerability

Modules which call the legacy ap_get_basic_auth_pw() during the authentication phase MUST either immediately authenticate the user after the call, or else stop the request immediately with an error response, to avoid incorrectly authenticating the current request. Acknowledgements: We would like to thank Emmanuel Dreyfus for reporting this issue. This behavior may be avoided by listing all unusual HTTP Methods in a global httpd.conf RegisterHttpMethod directive in httpd release 2.4.25 and later. When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.33 could have written a NULL pointer potentially to an already freed memory. HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. In a sequence of two requests, this results in request A to the first proxy being interpreted as requests A + A' by the backend server, and if requests A and B were submitted to the first proxy in a keepalive connection, the proxy may interpret response A' as the response to request B, polluting the cache or potentially serving the A' content to a different downstream user-agent. Acknowledgements: We would like to thank individuals at the RedTeam Pentesting GmbH for reporting this issue. Apache HTTP Server 2.4.47 was never released. Acknowledgements: We would like to thank Dominic Scheirlinck and Scott Geary of Vend for reporting and proposing a fix for this issue. CVE-2021-3450 OpenSSL X509_V_FLAG_X509_STRICT Git OpenSSL Visual Studio 2017 15.9.39. Acknowledgements: The issue was discovered by Yukitsugu Sasaki.
A remote attacker could send a carefully crafted request to a server configured as a reverse proxy, and cause the child process to crash. Fixed in Apache HTTP Server 2.4.52: moderate: Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier (CVE-2021-44224). A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy An XSS flaw affected the mod_proxy_balancer manager interface. The vulnerability was disclosed in 2002, but is still present in modern implementations due to poor configuration of the service. In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. In September 2014, a variant of Daniel Bleichenbacher's PKCS#1 v1.5 RSA Signature Forgery vulnerability was announced by Intel Security Advanced Threat Research. Acknowledgements: This issue was reported by Ben Reser. Acknowledgements: The issue was discovered by Daniel McCarney, Let's Encrypt / Internet Security Research Group (ISRG). This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version 1.1.1 or later, due to an interaction in changes to handling of renegotiation attempts. This issue affects version 2.4.10 only. by mod_auth_digest. This issue affects Apache HTTP Server 2.4.48 and earlier. (Note that this vulnerability was fixed in the 2.4.7 release, but the security impact was not disclosed at the time of the release.)
Git for Windows is now updated to version 2.35.1.2, which addresses this issue. This fix adds the "MergeTrailers" directive to restore legacy behavior. This issue affects Apache HTTP Server 2.4.17 to 2.4.48. Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling. Acknowledgements: James Kettle. This workaround and patch are documented in the ASF Advisory at asf-httpoxy-response.txt and incorporated in the 2.4.25 and 2.2.32 releases. In each case where one agent accepts such CTL characters and does not treat them as whitespace, there is the possibility in a proxy chain of generating two responses from a server behind the uncautious proxy agent. Acknowledgements: The Apache HTTP Server project would like to thank Ronald Crane (Zippenhop LLC) for reporting this issue. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions. If CGI scripts are also enabled for these aliased paths, this could allow for remote code execution. Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. While CVE-2014-0160 does not allow unrestricted access to memory on the targeted host, a successful exploit does leak information from memory locations which have the potential to contain particularly sensitive information, e.g., cryptographic keys and passwords. HTTP_PROXY is a well-defined environment variable in a CGI process, which collided with a number of libraries which failed to avoid colliding with this CGI namespace. An authentication tag (SipHash MAC) is now added to prevent such attacks.
An attacker can send crafted packets through vulnerable devices to cause Denial-of-service (DoS) or to perform a man-in-the-middle (MitM) attack against a target network. Insecure handling of LD_LIBRARY_PATH was found that could lead to the current working directory to be searched for DSOs. Acknowledgements: This issue was reported by Guido Vranken. A stack recursion crash in the mod_lua module was found. A flaw was found in mod_log_config. Apache HTTP Server, prior to release 2.4.25 (and 2.2.32), accepted a broad pattern of unusual whitespace patterns from the user-agent, including bare CR, FF, VTAB in parsing the request line and request header lines, as well as HTAB in parsing the request line.
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c. A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. The modules mod_proxy_ajp and mod_proxy_http did not always close the connection to the back end server when necessary as part of error handling. In Apache HTTP Server versions 2.4.20 to 2.4.43, when trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault. This crash would only be a denial of service if using a threaded MPM. Acknowledgements: The issue was discovered by Sergey Bobrov. NginxNginxWeb/IMAP/POP3 nginx 0.6.18-1.20.0, http://nginx.org/en/download.html, centosnginxnginx-1.20.1. Acknowledgements: The Apache HTTP Server project would like to thank Gaetan Ferry (Synacktiv) for reporting this issue. Users are encouraged to migrate to 2.4.28 or later for this and other fixes.
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. A bug exists in the way mod_ssl handled client renegotiations. mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header. This contrasts with web-of-trust models, such as PGP, where any node in the network (not only the CAs) can sign public keys, and therefore A NULL pointer dereference was found in mod_cache. Implied additional whitespace was accepted in the request line and prior to the ':' delimiter of any request header lines. By specially crafting HTTP requests, the mod_md challenge handler would dereference a NULL pointer and cause the child process to segfault. Acknowledgements: The issue was discovered by the Apache HTTP security team. This led to a NULL pointer dereference on initialised memory, crashing reliably the child process. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed.
There is no report of this overflow being exploitable, nor could the Apache HTTP Server team create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow. Acknowledgements: This issue was discovered and reported by GHSL team member @antonio-morales (Antonio Morales). Apache HTTP Server versions 2.4.0 to 2.4.46: A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service. Apache HTTP Server versions 2.4.0 to 2.4.46: A specially crafted SessionHeader sent by an origin server could cause a heap overflow. Acknowledgements: Discovered internally Christophe Jaillet. Apache HTTP Server versions 2.4.39 to 2.4.46: Unexpected matching behavior with 'MergeSlashes OFF'. Acknowledgements: Discovered by Christoph Anton Mitterer. This issue affects Apache HTTP Server 2.4.51 and earlier. Acknowledgements: The issue was discovered by the Apache HTTP security team while analysing CVE-2021-36160. CVSS V2 scoring evaluates the impact of the vulnerability on the host where the vulnerability is located. If request body decompression was configured (using the "DEFLATE" input filter), a remote attacker could cause the server to consume significant memory and/or CPU resources. Detects whether a server is vulnerable to the OpenSSL Heartbleed bug (CVE-2014-0160). An anonymous researcher has been credited with reporting the issue. This could be exploited in environments where uploads of some files are externally blocked, but only by matching the trailing portion of the filename.
When generating an HTTP Digest authentication challenge, the nonce sent to prevent replay attacks was not correctly generated using a pseudo-random seed. Acknowledgements: We would like to thank David Dennerline at IBM Security's X-Force Researchers as well as Régis Leroy for each reporting this issue. Acknowledgements: This issue was reported by Giancarlo Pellegrino and Davide Balzarotti. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. This issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier versions. Acknowledgements: The issue was discovered by Charles Fol. This crash would only be a denial of service if using a threaded MPM. Section 3.2.4 explicitly disallowed any whitespace from the request header field prior to the ':' character, while Section 3.2 disallows all CTL characters in the request header line other than the HTAB character as whitespace. Malicious input to mod_auth_digest will cause the server to crash, and each instance continues to crash even for subsequently valid requests. For configurations enabling support for HTTP/2, SSL client certificate validation was not enforced if configured, allowing clients unauthorized access to protected resources over HTTP/2. ap_escape_quotes() may write beyond the end of a buffer when given malicious input. Acknowledgements: The issue was discovered by Robert Swiecki, bug found by honggfuzz. Since such a triggering HTTP/2 request is easy to craft and submit, this can be exploited to DoS the server. This page lists all security vulnerabilities fixed in released versions of Apache HTTP Server 2.4.
Acknowledgements: The issue was discovered by Elar Lang - security.elarlang.eu. Acknowledgements: We would like to thank Maksim Malyutin for reporting this issue. Acknowledgements: This issue was reported by Noam Mazor. The vulnerability is caused by a buffer over-read bug in the OpenSSL software, rather than a defect in the SSL or TLS protocol specification. When an unrecognized HTTP Method is given in a directive in an .htaccess file, and that .htaccess file is processed by the corresponding request, the global methods table is corrupted in the current worker process, resulting in erratic behaviour. The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_lua's r:puts() function. Theft of this information could enable other attacks on the information system, the impact of which would depend on the sensitivity of the data and functions of that system. Acknowledgements: This issue was reported by Marek Kroemeke, AKAT-1 and 22733db72ab3ed94b5f8a1ffcde850251fe6f466 via HP ZDI. If the header value is not present in the charset conversion table, a fallback mechanism is used to truncate it to a two-character value to allow a quick retry (for example, 'en-US' is truncated to 'en'). This could be used to DoS the server. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. Source code patch (2.4) is at: CVE-2017-9798-patch-2.4.patch. Source code patch (2.2) is at: CVE-2017-9798-patch-2.2.patch. Note 2.2 is end-of-life, no further release with this fix is planned.
If a server using mod_cgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang indefinitely, leading to denial of service. The HTTP strict parsing changes added in 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. A malicious FastCGI server could send a carefully crafted response which could lead to a crash when reading past the end of a heap memory or stack buffer. A resource consumption flaw was found in mod_deflate. Using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown. By sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed. Detects whether a server is vulnerable to the F5 Ticketbleed bug (CVE-2016-9244). Cybersecurity researchers have reported an increase in TrueBot infections, primarily targeting Mexico, Brazil, Pakistan, and the U.S.
Cisco Talos said the attackers behind the operation have moved from using malicious emails to alternative delivery methods such as the exploitation of a now-patched remote code execution (RCE) flaw in Netwrix auditor as