-
When trying to connect to ssl site using Firefox:
2015/06/03 12:38:28 [093] INFO: Running 1 CONNECT handlers
2015/06/03 12:38:28 [093] INFO: on 0th handler: &{2 } www.google.mn:443
2015/06/03 12:38…
tsgan updated
8 years ago
-
## CVE-2021-22890 - Low Severity Vulnerability
Vulnerable Libraries - curlcurl-7_69_1, curlcurl-7_69_1, curlcurl-7_69_1, curlcurl-7_69_1, curlcurl-7_69_1, curlcurl-7_69_1, curlcurl-7_69_1, curlcurl-7…
-
Credentials are commonly stored in a database of some sort which may be compromised by a database dump or other access short of RCE/MITM. We can encrypt the shared secret in storage, but we still have…
-
When using DoT/DoQ/DoH, but not using DANE (no TLSA records or TLSA SvcParams), what SNI do we use? i.e. what is the [Authentication Domain Name](https://datatracker.ietf.org/doc/html/rfc8310#:~:text=…
-
This is a top crasher in 1.48.x:
```
panic: runtime error: slice bounds out of range [54:35]
--
13:35:08 |
13:35:08 | goroutine 54800 [running]:
13:35:08 | internal/poll.(*FD).Write(0x14000a…
-
**Platform: ** iOS & Android
**Mapbox SDK version:** All
The `Cert Pinning` does not encompass the tiledata URLs from the Mapbox/5.1.4 agent; which means these could be read by an attacker in a tr…
-
it'd be good to have https support and induce chaos at the HTTPS layer
-
**Describe your question**
I cannot connect to our LDAP source because the TLS certificate is expired (since its an internal certificate, my colleagues dont make the efforts to renew it). So I have t…
-
**Description**
The `docker login` command should ideally support a new `--tls-verify` option for marking insecure registries at runtime.
**Current methodology:**
Currently, any insecure regi…
-
[HTTP Public Key Pinning (HPKP)](https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning) ([OWASP guide](https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning)), defined …