CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-8059

The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to certain configurations involving Docker Compose, have a Missing SSL Certificate Validation issue because no proxy_ssl_* directives are used.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.5%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 5.8

References

http://openwall.com/lists/oss-security/2018/03/07/4
https://exchange.xforce.ibmcloud.com/vulnerabilities/140144
http://openwall.com/lists/oss-security/2018/03/07/4

Products affected by CVE-2018-8059

Suse » Portus » Version: 2.3.0

cpe:2.3:a:suse:portus:2.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-8059

Products

Pricing

Contact Us