VDB

GCVE-110-MAGEIA-2020-18

GCVE-110-MAGEIA-2020-18
Advisory Published
Vulnetix · Advisory published January 5, 2020
Updated jss packages fix security vulnerability: A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS CryptoManager, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attacks such as Man in the Middle (CVE-2019-14823).

Affected Products

VendorProductVersionsPlatforms
Mageiajss0 (affected), 4.6.2-1.mga7 (unaffected), 0 (affected), 4.6.2-1.mga7 (unaffected)
Mageiarpm-mageia-setup0 (affected), 2.39.2-1.mga7 (unaffected)

Browse GCVE Records

73,866 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›