Skip to main content

Stunnel

4 CVEs product

Monthly

CVE-2021-20230 HIGH PATCH This Week

A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Stunnel
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2015-3644 MEDIUM PATCH This Month

Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Authentication Bypass Stunnel
NVD
CVSS 2.0
5.8
EPSS
0.2%
CVE-2014-0016 MEDIUM PATCH This Month

stunnel before 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure OpenSSL Stunnel
NVD VulDB
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-1762 MEDIUM This Month

stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Code Injection RCE Stunnel
NVD
CVSS 2.0
6.6
EPSS
2.0%
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Stunnel
NVD GitHub
EPSS 0% CVSS 5.8
MEDIUM PATCH This Month

Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Authentication Bypass Stunnel
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

stunnel before 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure OpenSSL Stunnel
NVD VulDB
EPSS 2% CVSS 6.6
MEDIUM This Month

stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Code Injection RCE +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy