Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.
References
Configurations
History
07 Nov 2023, 03:17
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2020-06-19 19:15
Updated : 2024-02-28 17:47
NVD link : CVE-2020-14929
Mitre link : CVE-2020-14929
CVE.ORG link : CVE-2020-14929
JSON object : View
Products Affected
alpine_project
- alpine
debian
- debian_linux
fedoraproject
- fedora
CWE