← Back

Csync2

csync2

Vendor: Linbit • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-15523
2Debian
Linbit
2Csync2
Debian Linux
Nov 21, 2024
Dec 30, 2020
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
An issue was discovered in LINBIT csync2 through 2.0. It does not correctly check for the return value GNUTLS_E_WARNING_ALERT_RECEIVED of the gnutls_handshake() function. It neglects to call this function again, as requi...Show more
An issue was discovered in LINBIT csync2 through 2.0. It does not correctly check for the return value GNUTLS_E_WARNING_ALERT_RECEIVED of the gnutls_handshake() function. It neglects to call this function again, as required by the design of the API.Show less
CVE-2019-15522
1Linbit
1Csync2
Nov 21, 2024
Mar 20, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An issue was discovered in LINBIT csync2 through 2.0. csync_daemon_session in daemon.c neglects to force a failure of a hello command when the configuration requires use of SSL.