Description
A vulnerability exists in libgwenhywfar through 4.12.0 due to the usage of outdated bundled CA certificates.
References (4)
Core 4
Core References
Third Party Advisory x_refsource_misc
http://lists.opensuse.org/opensuse-updates/2018-01/msg00038.html
Issue Tracking x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=1272503
Mailing List, Third Party Advisory x_refsource_misc
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174484.html
Mailing List, Third Party Advisory x_refsource_misc
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174540.html
Scores
CVSS v3
5.3
EPSS
0.0011
EPSS Percentile
29.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-319
Status
published
Products (7)
aquamaniac/gwenhywfar
< 4.12.0
debian/debian_linux
8.0
debian/debian_linux
9.0
debian/debian_linux
10.0
debian/debian_linux
11.0
opensuse/leap
42.2
opensuse/leap
42.3
Published
Dec 03, 2019
Tracked Since
Feb 18, 2026