Description
The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to certain configurations involving Docker Compose, have a Missing SSL Certificate Validation issue because no proxy_ssl_* directives are used.
References (2)
Core 2
Core References
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/140144
Mailing List, Third Party Advisory x_refsource_misc
http://openwall.com/lists/oss-security/2018/03/07/4
Scores
CVSS v3
8.8
EPSS
0.0005
EPSS Percentile
16.4%
Attack Vector
ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-295
Status
published
Products (1)
suse/portus
2.3.0
Published
Mar 11, 2018
Tracked Since
Feb 18, 2026