VDB
GCVE-110-MAGEIA-2014-427
GCVE-110-MAGEIA-2014-427
Advisory Published
Updated nginx package fixes security vulnerability:
Antoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that it was
possible to reuse cached SSL sessions in unrelated contexts, allowing virtual
host confusion attacks in some configurations by an attacker in a privileged
network position (CVE-2014-3616).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | nginx | 0 (affected), 1.2.9-1.3.mga3 (unaffected) | — |
| Mageia | nginx | 0 (affected), 1.4.7-1.1.mga4 (unaffected) | — |
| AWS | config | — | — |
References
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.