漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
CRL Distribution Point Scope Check Logic Error in AWS-LC
Vulnerability Description
A logic error in CRL distribution point validation in AWS-LC before 1.71.0 causes partitioned CRLs to be incorrectly rejected as out of scope, which allows a revoked certificate to bypass certificate revocation checks. To remediate this issue, users should upgrade to AWS-LC 1.71.0 or AWS-LC-FIPS-3.3.0.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
证书撤销验证不恰当
Vulnerability Title
AWS libcrypto 安全漏洞
Vulnerability Description
AWS libcrypto是Amazon Web Services开源的一个通用加密库。 AWS libcrypto 1.71.0之前版本存在安全漏洞,该漏洞源于CRL分发点验证中的逻辑错误导致分区的CRL被错误地拒绝为超出范围,从而允许已吊销的证书绕过证书吊销检查。
CVSS Information
N/A
Vulnerability Type
N/A