Alpine prior to 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
alpine project alpine |
||
fedoraproject fedora 31 |
||
fedoraproject fedora 32 |
||
debian debian linux 8.0 |